Examining the Risks of Cloud Computing
Cloud Computing Risks & Mitigation Based on Best Practices and NIST Publications for FISMA Compliance
IP3 has teamed up with FITSI DC to provide this exciting 2-day workshop. Interested in providing a similar session for your association? Contact us and we can custom design one to suit your organization or association.
Get 14 CPE Credits!
Course Overview
Organizations now more than ever are feeling pressure to reduce IT costs and optimize IT operations. Cloud computing is rapidly growing, as it is a viable, cost-effective way to create dynamic, rapidly provisioned resources for a number of areas; including: development environments, operating platforms, applications, storage, etc.
There are many security considerations that exist that compliance and information security professionals need to consider when evaluating the risks of cloud computing. During this 2-day session we will explore:
- Cloud Architecture – based on architecture and materials described in NIST SP 144, 145, and 146
- Cloud Threats, Vulnerabilities, and Exploits
- Reviewing the SSAE 16 Auditor’s Report
- Extending controls to the cloud `
- Access Control and Key Management in the Cloud as prescribed by NIST SP 144/146
What you will learn
- Understand the benefits, risks and recommendations for Information Security in the Cloud and develop an information assurance framework that outlines vulnerabilities, liabilities and key legal issues.
- Learn how to develop a cloud computing architectural framework and reference model
- Understand Governance and Enterprise Risk Management in the Cloud
- Identify legal issues and eDiscovery considerations
- Analyze compliance and auditor requirements
- Identify the phases of data security lifecycle and their key elements
- Understand encryption methods and review practical encryption use cases and key management practices and standards
- Summarize risk mitigation techniques
- Review Data Center Operations in a cloud environment
- Identify Incident Response, Notification, and Remediation
- Understand response trade-offs in Application Security
What you get
- IP3 Workbook
- CD containing the following:
- CSA’s eBook on Security Guidance for Critical Areas of Focus in Cloud computing V2.1
- ENISA eBook on Cloud Computing Security Risk Assessment
- Relevant white papers on Cloud Computing
- NIST SP800-144 Guidelines on Security and Privacy in Public Cloud Computing
- NIST SP800-145 The NIST Definition of Cloud Computing
- NIST SP800-146 Cloud Computing Synopsis and Recommendations