When your organisation wants the benefits of cloud, you need a common understanding across functions and teams of the basic concepts of secure cloud adoption.
It is strongly recommended and almost mandatory to have certified cloud security professionals on board (see CCSK: Certificate of Cloud Security Knowledge – packages). But: your company needs more people to understand secure cloud at a foundational level than you will ever have certified professionals.
Understand that your cloud adoption teams span across architecture, legal, security, procurement, operations and selected business unit professionals. They need to speak a common core language. If they don’t, your cloud adoption program will limp along and be a boat anchor to your innovation ambitions.
Secure Cloud Adoption Workshop
My Secure Cloud Adoption Workshop is designed to jumpstart your organization. It is a modular workshop that can serve as an introduction to cloud computing. The emphasis is on security and risk management, and it is aimed at senior professionals across your organization.
- Length: 3-7 hours.
- Size: up to several dozen participants.
This is a varied and interactive program, with lots of activity from the participants. Most of the exercises are done in groups of 2-3.
Modules in the workshop (suggested sequence)
- Introduction of participants and facilitator
- Quick cloud security wins
- Cloud models (NIST), with service model exercise
- Cloud business benefits spectrum (with small exercise).
- Cloud threat modelling (story with examples, potentially reviewing CSA Treacherous Twelve)
- Shared responsibility exercise (based on PCI/DSS Cloud model)
- The cloud adoption process, including migration strategies and service model selection
- Evaluation of cloud providers (CCM and CAIQ) – practical
- 5 elements of cloud security
- Review of typical IaaS security features
- Security automation exercise (paper based)
- Cloud case from customer (run through adoption and securing)
- Cloud training options
- Evaluation and wrap up.
The following non security modules can also be considered.
- Cloud service demonstrations (AWS, CI/CD DevOps, OpenStack, …)
- Service models exercise, Service description and Service design
- Cloud business models and business cases
- Cloud technology architectures
- IT risk basics, as applied to cloud
These modules vary in length between 10-40 minutes.
Depending on background, learning objectives, length and number of participants, a workshop is customized by selecting from these modules. I can run on a strict timetable.
All learning materials are included in my e-learning “Secure cloud adoption essentials“, to which your workshop participants have full access.
Click on the button below to get a high level insight into cloud and cloud security.
Very grateful. Thank you!
I have appreciated very well most topics and particulary the Security Risk & compliance topics. Comparison on IT process on premise with those in the Cloud is quite good. But, it could be done deeper.
This class is great. Good balance between you talking, and us chatting. You keep control of the syllabus and the schedule, and we provide some information on what the facts mean to us and how we understand them in our context. Brilliant stuff.
Very professional domain, but very clear explained! Thanks
Most useful: Technical context, risk knowledge and exam approach
Experienced trainer. Reflects his experience well within the context
Peter is incredibly knowledgeable and takes the time to answer questions and actually work with his students. The course is also an amazing way to learn how AWS actually works and, by the end of the labs, you feel ready to manage your own cloud! The materials are easy to understand and yet technical enough to get real-life security implemented. This was a great course and far beyond most of the accreditation courses I have completed.
I attended Peter’s CCSK-training and found it very useful, because 1) the sessions gave me more insight on several other aspects of cloud computing than only security, 2) it “inspired” (/forced) me to study the CSA guide/ENISA more thorughly and not least 3) I manage to pass the exam 🙂
I had very little to no experience wit the CLOUD, so this training was incredibly valuable to me. My new professional responsibilities are becoming more and more cloud centric. I have a greatly improved level of confidence because I know I have a solid educational foundation that the training and exam preparation has provided for me. I cannot recommend it highly enough!