Cloud Security Architecture - A Practical Approach

Hands-on security architecture for the public cloud using NIST Cybersecurity Framework

What you'll learn
Build cloud security architecture using a practical example
Apply a methodology based on NIST Cybersecurity Framework
Comply with regulations like HIPAA and GDPR
Manage risks like ransomware attacks and misconfigurations and select mitigation measures
Use a defense in depth strategy to build a resilient architecture
Create a cloud security strategy
Create security architecture documentation
Requirements
Cloud fundamentals
Basic IT security
Understanding of IT architecture
Description
In this course you will learn how to master security architecture for the cloud. You will be using a methodology based on NIST Cybersecurity Framework to take your architecture from business- and regulatory requirements all the way to components and capabilities that can be implemented in the public cloud. The course will teach you how to map requirements to security measures and perform risk assessments. You will learn to master security strategy for the cloud and build a resilient security posture using a defense in depth strategy. You will also be able to prove compliance to regulations like GDPR and HIPAA using the methodology presented in the course. An important learning objective is also to create structured security architecture documentation. This course is based on a Health Clinic example and has a hands-on focus for learning. After course completion, you can use all the provided methods and templates from the course in your own work. The resulting components and capabilities can be implemented in any cloud platform, but the course does not cover a cloud platform specific technical implementation of the architecture.Course contents:2,5 hours of video lectures6 hands-on assignments6 Quizzes10 downloadable templates:Requirements mapping templateSecurity requirements mapping templateRequirements mapping visualization templateRisk assessment templateCloud security strategy templateDefense in depth assessment template and defense in depth circle templateCompliance mapping workbookGDPR and HIPA visualization templatesSecurity architecture specification template

Overview

Section 1: Introduction

Lecture 1 Introduction to the course

Lecture 2 Course objectives and contents

Section 2: Cloud security architecture

Lecture 3 What is cloud security architecture?

Lecture 4 The cloudsarc methodology

Lecture 5 NIST Cybersecurity Framework for cloud

Lecture 6 Section summary

Section 3: Cloudsarc Health Clinic

Lecture 7 Business requirements

Lecture 8 Regulatory requirements

Lecture 9 Security requirements

Lecture 10 Section summary

Section 4: Selecting security measures

Lecture 11 Mapping to security measures

Lecture 12 Logical security architecture

Lecture 13 Section summary

Section 5: Managing risk

Lecture 14 Risk management

Lecture 15 The risk assessment process

Lecture 16 Risk mitigation

Lecture 17 Section summary

Section 6: Cloud security strategy

Lecture 18 Why do we need a cloud security strategy?

Lecture 19 Creating the strategy

Lecture 20 Section summary

Section 7: Cloud defense in depth

Lecture 21 Defense in depth

Lecture 22 Defense in depth layers

Lecture 23 Defense in depth assessment

Lecture 24 Section summary

Section 8: Security and compliance documentation

Lecture 25 Security and compliance

Lecture 26 Using the GDPR mapping worksheet

Lecture 27 Using the HIPAA mapping worksheet

Lecture 28 Security architecture specification

Lecture 29 Section summary

Section 9: Adapting the methodology

Lecture 30 Methodology adaption

Lecture 31 The mapping magic

Lecture 32 Manage growth and communication

Lecture 33 Section summary

Section 10: Course summary

Lecture 34 What you have learned

Students in IT Security,Professionals working with cloud architecture and security,Security architects,CISOs and other enterprise security staff