Cloud Security Training Courses

Cloud Security

BSI, in association with the Cloud Security Alliance (CSA) has developed training courses to help service providers become better at managing the security of their cloud services. This should not only give customers of service providers confidence in their ability to deliver, it can also enhance reputation and could be an important differentiator between competitors.

Our courses cover many aspects from helping you learn how to check compliance with the CSA’s Cloud Controls Matrix to helping you develop the ability to prepare for or maintain CSA’s Security Trust and Assurance Registry (STAR) certification. 

STAR is CSA’s registry that allows users to access and assess the security practices of cloud providers they currently use or are considering contracting to do business with. 

STAR Certification takes this a step further by giving service providers the ability to prove that their STAR registration has been independently checked and assessed against the new STAR Certification scheme. The maturity model checks a service provider’s security performance against the CSA’s Cloud Controls Matrix to award an overall grade.  



Training Courses

Advanced Cloud Security Auditing for STAR Certification

 

Contact us for a customised quote

    • Define the specific control areas of the CCM and differentiate between them
    • Describe what maturity is and how the STAR certification maturity model works
    • Apply the maturity model when auditing a provider’s security controls
    • Calculate a maturity score for each CCM control area
    • Derive a provider’s maturity level from the maturity scores
    • Demonstrate how to recommend STAR certification
View details for Advanced Cloud Security Auditing for STAR Certification

Information Security Controls for Cloud Services Training Course (ISO/IEC 27017:2015)

 

Contact us for a customised quote

    • ISO/IEC 27017 helps manage the confidentiality, integrity and availability of your business information or information entrusted to you by others.
    • This course helps you clearly identify who is responsible to manage the different security risks and ensure the appropriate cloud security controls are in place so you can maintain a resilient ISMS. 
View details for Information Security Controls for Cloud Services Training Course (ISO/IEC 27017:2015)

Protection of Personally Identifiable Information (PII) in Public Clouds (ISO/IEC 27018:2014)

 

Contact us for a customised quote

    • The purpose of ISO/IEC 27018, when used in conjunction with the information security objectives and controls in ISO/IEC 27002, is to create a common set of security categories and controls that can be implemented by a public cloud computing service provider acting as a PII processor.
    • This course is aimed at both cloud service providers and customers who are engaging with a cloud service provider.
    • The course will help to ensure that the appropriate information security controls are in place for protecting PII processed by cloud service providers under contract to their customers.


View details for Protection of Personally Identifiable Information (PII) in Public Clouds (ISO/IEC 27018:2014)