- 0 (Registered)
Enforcing Cyber Security and Cloud Computing
Cloud computing is more than a decade old, but cyber security, compliance, and even definitions of the technology components, are changing rapidly.
The legal system is lagging behind the adoption of the technology. For example, the contracts used by many cloud vendors essentially disclaim any responsibility for data loss. Also, downtime, or loss of revenue caused by either. In addition, the federal government (and some state governments) has adopted statutory requirements applicable to many industries.
Many argue that cloud computing is simply a form of outsourcing. Although this observation has some truth, it understates the legal issues raised by cloud computing. Others are still trying to grasp the scope of technology change and keep up with understand what their employees and contractors are doing online.
Cyber Security Fears
The fears are understandable. The last three years have shown an extraordinary explosion of cyberattacks, both against individual companies and users and within the cloud. Cyberattacks continue to disrupt our way of life with innovative new approaches to seeding malware and stealing our data. In addition to offsetting the fear highlighted above through good security practices.
1. For enforcement to be practical, update policies regularly to keep up with emerging threats.
2. Also, Breaking policies into achievable tasks transforms written policies from a piece of paper to the underpinnings of a culture of compliance.
3. Policies should include procedures for testing, enforcing, and investigating breaches of policy. It is better to have a procedure that you never need to use than to not have one when you need it.
4. Administer disciplinary action for chronic carelessness or an intentional breach of cyber security policy. If the breach was accidental, it should be treated as an opportunity for more cyber security awareness training.
5. Then, ensure that disciplinary action for cyber security breaches is equitable.
Cyber Security and Cloud Computing Resource Materials
Cyber Security and Cloud Computing Seminar 1
- Lesson 1 – The Essential Characteristics of the Cloud
- Lesson 2 – Understanding Infrastructure as a Service
- Lesson 3 – Unraveling Platform as a Service
- Lesson 4 – Comprehending Software as a Service
- Lesson 5 – Discovering Development Methods
- Lesson 6 – Identifying Cloud Incidents
- Lesson 7 – Dissecting the anatomy of a Service Failure
- Lesson 8 – Deciphering the anatomy of a Business Failure
- Lesson 9 – Defining Trust Models for Cloud
Cyber Security and Cloud Computing Seminar 2
- Lesson 1 – Identifying Governance and Risk
- Lesson 2 – Complying with Legal and Audit Requirements
- Lesson 3 – Managing Information and Data Security
- Lesson 4 – Providing Portability and Interoperability
- Lesson 5 – Comparing traditional IT, BCP and DR
- Lesson 7 – Understanding Data Center Operations
- Lesson 6 – Understanding Data Center Operations
- Lesson 10 – Managing Encryption and Keys
- Lesson 9 – Testing and Monitoring Applications
- Lesson 8 – Maximizing Application Security
- Lesson 12 – Controlling Cloud Access
- Lesson 11 – Verifying Identity in the Cloud
- Lesson 13 – Implementing Virtualization
- Lesson 14 – Providing Security as a Service
- Lesson 15 – Cloud Security Knowledge Challenge
- Lesson 16 – Cloud Security Knowledge Solution
Cyber Security and Cloud Computing Seminar 3
- Lesson 1 – Introduction to the Sherwood Applied Business Security Architecture (SABSA)
- Lesson 2 – Learning how to use Fast Tracker
- Lesson 3 – Defining SABSA Attributes
- Lesson 4 – Diving deeper into Fast Tracker
- Lesson 5 – Introducing Cloud Attribute Taxonomy
- Lesson 6 – Risk Assessment Challenge
- Lesson 7 – Risk Assessment Solution
Cyber Security and Cloud Computing Seminar 4