Monitoring and Response

Overview
Difficulty: Intermediate
Duration: 1h 7m
Students: 1481
Ratings: 4.3/5

Description

In the last decade, the nature and complexity of security attacks have increased tremendously. From simple attacks, which focused on hacking exposed web pages, we have evolved to stealthy attacks, which focus on the hacker staying hidden for years on end inside the victim’s network with the sole purpose of stealing data.

To make matters worse, more and more companies have started to store their data in the cloud, thereby transferring part of the responsibility of securing that data to the cloud service provider. Therefore, these days the cloud service is entrusted with the task of providing adequate security to the data and services that it provides to customers. When deciding whether to move to the cloud, the two main metrics that enterprises look at tend to be cost and security risk. This course takes a deep dive into cloud security and how to mitigate the risks facing cloud-based infrastructure.

If you have any feedback relating to this course, feel free to reach out to us at support@cloudacademy.com.

Learning Objectives

  • Understand the basics of cloud security
  • Learn about security techniques such as asset management, access control, physical security, and operations security
  • Understand how to manage the vulnerability of your systems and applications
  • Learn how to monitor and respond to events and security incidents

Intended Audience

  • Solutions architects
  • Data engineers
  • Security engineers
  • Anyone who wants to learn how to secure their cloud infrastructure

Prerequisites

To get the most out of this course, you should already have a good understanding of cloud infrastructure and operations. Basic knowledge of IT security would also be beneficial.

Transcript

Monitoring is usually referred to in the NIST documentation as continuous monitoring. This is done to stress the fact that monitoring nine hours a day for five hours a week is not true monitoring. True monitoring is 24/7, nothing else. If it is not 24/7, then it is auditing or sampling. NIST defines the Information Security Continuous Monitoring as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. ISCM should provide an assessment of and analysis of security control effectiveness and of organizational security status in accordance with organizational risk tolerance.

Security control effectiveness is measured by correctness of implementation and by how adequately the implemented controls meet organizational needs in accordance with current risk tolerance.

Organizational security status is determined using metrics established by the organization to best convey the security posture of an organization's information and informational systems, along with organizational resilience given known threat information. This involves maintaining an understanding of threats and threat activities, assessing all security controls, collecting, correlating, and analyzing security-related information, providing actionable communication of security status across all tiers of the organization, and active management of risk by organizational officials.

A highly standardized view of ISCM has the following basic features: Sources of Data, Data collectors and aggregators, Data Storage, Dashboards, Reports, Metrics, Decision Maker. It is essential while monitoring to keep in mind the three dimensions: monitoring the security posture of the organization, monitoring the effective functioning of controls, monitoring for intrusions. The sources of data can be classified into the following types: Network, Perimeter, Endpoint, Infrastructure, and Application.

About the Author
Vish Chidambaram
Enterprise Security Leader
Students: 3078
Courses: 2

Vish Chidambaram is an award-winning Enterprise Security Leader with 18+ years of experience, skilled in areas spanning Automation, Security Operation Analytics and Reporting, Threat Management Life Cycle, Agile/DevOps environments, SaaS/Cloud security, Business Development/Consulting, Program Management and more. Most recently, Vish was the CISO at Rubicon Project, a SaaS-based ad marketplace, where he was responsible for securing a high-performance SaaS platform with 40 billion transactions per day. He pioneered the integration of security in DevOps by using automation, orchestration and machine learning tools. He is passionate about teaching security and believes staying current is particularly relevant in the security industry. He also mentors security professionals and advises them through career transitions; details can be found at datacoreacademy.com or by writing to info@datacoreacademy.com. His LinkedIn page is https://www.linkedin.com/in/vish-chidambaram/