Cloud Security – Training Course

What is Cloud Security?

Cloud security is a set of strategies and practices used to secure cloud environments, applications, and data. Cloud security ensures the preservation of confidentiality, integrity, availability, and privacy of information hosted in a private, public, community, or hybrid cloud deployment model. It provides multiple levels of security controls in the cloud infrastructure that ensure data protection and business continuity.

Why is Cloud Security important for you?

As the use of cloud computing grows constantly, so does the need to ensure cloud security. Data breaches and other forms of attacks happen mainly as a result of poor security practices, complicated controls, and misconfigurations. This makes cloud security essential to the effective operation of cloud services.

Organizations adopting cloud technology must ensure that the level of security of their cloud systems meets their requirements and complies with the applicable laws and regulations.

Implementing the guidelines of ISO/IEC 27017 helps cloud service providers and customers to establish, implement, and maintain information security controls related to cloud services. ISO/IEC 27017 provides additional guidance in selecting information security controls applicable to cloud services based on risk assessment and other cloud-specific information security requirements.

In addition, cloud service providers that process personally identifiable information (PII) in the cloud can implement the guidelines of ISO/IEC 27018 to meet the requirements of applicable regulations and legislation related to the protection of PII.

The Benefits of Cloud Security Certification

A PECB Cloud Security certificate demonstrates that you possess:

  • A comprehensive understanding of cloud security concepts and principles
  • The ability to identify and assess cloud-specific vulnerabilities and threats
  • Practical knowledge to advise an organization in managing a cloud security program
  • Knowledge on the tools and best practices needed to migrate to the cloud
  • Knowledge needed to respond to and recover from a cloud security incident
  • Skills needed to maintain and improve cloud security

The following are the results of a survey conducted with organizations that use cloud solutions:

 

Lead Cloud Security Manager

How do I get started with Cloud Security Training?

We aim to help you expand your professional knowledge and advance your skills in cloud security. PECB experts are willing to help you with the certification process and with obtaining your PECB Certified Cloud Security Manager credentials.

Training Course Overview

The Lead Cloud Security Manager training course enables participants to develop the competence needed to implement and manage a cloud security program by following widely recognized best practices.

Why should you attend?

The growing number of organizations that support remote work has increased the use of cloud computing services, which has, in turn, increased the demand for a secure cloud infrastructure proportionally. 

This training course is designed to help participants acquire the knowledge and skills needed to support an organization in effectively planning, implementing, managing, monitoring, and maintaining a cloud security program based on ISO/IEC 27017 and ISO/IEC 27018. It provides a comprehensive elaboration of cloud computing concepts and principles, cloud computing security risk management, cloud-specific controls, cloud security incident management, and cloud security testing.

The training course is followed by the certification exam. If you successfully pass it, you can apply for a “PECB Certified Lead Cloud Security Manager” credential. A PECB Lead Cloud Security Manager Certificate demonstrates your ability and competencies to manage a cloud security program based on best practices.

Who should attend?

  • Cloud security and information security professionals seeking to manage a cloud security program 
  • Managers or consultants seeking to master cloud security best practices
  • Individuals responsible for maintaining and managing a cloud security program
  • Technical experts seeking to enhance their cloud security knowledge 
  • Cloud security expert advisors

Learning objectives

  • Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of a cloud security program 
  • Acknowledge the correlation between ISO/IEC 27017, ISO/IEC 27018, and other standards and regulatory frameworks
  • Gain the ability to interpret the guidelines of ISO/IEC 27017 and ISO/IEC 27018 in the specific context of an organization
  • Develop the necessary knowledge and competence to support an organization in effectively planning, implementing, managing, monitoring, and maintaining a cloud security program
  • Acquire the practical knowledge to advise an organization in managing a cloud security program by following best practices

Educational approach

  • The training course contains essay-type exercises, multiple-choice quizzes, and examples of cloud security best practices.
  • The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
  • The exercises are based on a case study.
  • The structure of the quizzes is similar to that of the certification exam.

Prerequisites

The main requirement for participating in this training course is having a fundamental understanding of ISO/IEC 27017 and ISO/IEC 27018 and a general knowledge of cloud computing concepts.

Course Agenda

  • Day 1: Introduction to ISO/IEC 27017 and ISO/IEC 27018 and the initiation of a cloud security program

    Day 2: Cloud computing security risk management and cloud-specific controls

    Day 3: Documented information management and cloud security awareness and training

    Day 4: Cloud security incident management, testing, monitoring, and continual improvement

    Day 5: Certification exam

Examination

  • The “PECB Certified Lead Cloud Security Manager” exam meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

    Domain 1: Fundamental principles and concepts of cloud computing

    Domain 2: Information security policy for cloud computing and documented information management

    Domain 3: Cloud computing security risk management

    Domain 4: Cloud-specific controls based on ISO/IEC 27017 and ISO/IEC 27018 and best practices

    Domain 5: Cloud security awareness, training, roles, and responsibilities

    Domain 6: Cloud security incident management

    Domain 7: Cloud security testing, monitoring, and continual improvement

    For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

Certification

  • After successfully passing the exam, you can apply for one of the credentials below. You will receive the certificate once you comply with all the relevant requirements. 

    For more information about the Cloud Security Manager certifications and the PECB certification process, please refer to the Certification Rules and Policies.

    The requirements for PECB Cloud Security Manager Certifications are as follows:

    CredentialExamProfessional experienceCCSMS project experienceOther requirements
    PECB Certified Provisional Cloud Security ManagerPECB Certified Lead Cloud Security Manager exam or equivalentNoneNoneSigning the PECB Code of Ethics
    PECB Certified Cloud Security ManagerPECB Certified Lead Cloud Security Manager exam or equivalentTwo years (One in cloud security)200 hoursSigning the PECB Code of Ethics
    PECB Certified Lead Cloud Security ManagerPECB Certified Lead Cloud Security Manager exam or equivalentFive years (Two in cloud security)300 hoursSigning the PECB Code of Ethics
    PECB Certified Senior Lead Cloud Security ManagerPECB Certified Lead Cloud Security Manager exam or equivalentTen years (Seven in cloud security)1,000 hoursSigning the PECB Code of Ethics

    The cloud security project experience should follow best implementation and management practices and include the following activities:

    1. Implementing a cloud security program
    2. Managing a cloud security program
    3. Managing documented information in the cloud
    4. Monitoring the cloud security performance
    5. Managing a cloud security team

General Information

  • Certification and examination fees are included in the price of the training course
  • Participants will be provided with the training course material containing over 500 pages of explanatory information, examples, best practices, exercises, and quizzes.
  • An attestation of course completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
  • In case candidates fail the exam, they can retake it within 12 months of the initial attempt for free.