Hello and welcome to the cloud aware governance and risk compliance course. Here you will learn about how to plan for security while hosting your application on a cloud provider. The course is generic and talks about all the security domains impacted. At the end of the course, you will have a strong foundation in risk analysis, common controls to be implemented in the various security domains, monitoring and incident management.

Hi my name is Vish Chidambaram, and I have about 18 years of experience in areas spanning automation, security operation analytics and reporting, tech management life cycle, Agile and DevOps environments. I'm passionate about teaching security, and I believe that staying current is particularly relevant in the security industry. I also mentor security professionals and advise them through carrier transitions both within an organization and when they move between jobs. Now let's get on with the course. In the last decade the nature and complexity of security attacks has increased tremendously. From simple attacks which focused on hacking exposed web pages, we have evolved to stealthy attacks which focus on the attacker staying hidden for years on end inside the victim's network with the sole purpose of stealing data. To make matters worse, more and more companies have started to store their data in the cloud. Thereby transferring part of the responsibility of securing that data to the could service provider.

Therefore, these days the cloud service is entrusted with the task of providing adequate security to the data and services that it provides to the customers. While making a decision to move to the cloud, the two main metrics that most enterprises look at tend to be cost and security risk.