Cloud Security

Course Number: 95-746

Department: Heinz College

Location: Pittsburgh

Units: 6

Semester Offered: Spring

In the age of disruption, digitally transformed products and services have enabled more significant innovation, faster go-to-market, and reduced capital expenditure. A majority of these technological advancements rely on the cloud. As a 260 billion dollar industry, with growth expected to rise 14% by 2025, organizations adopt the public cloud at increasing rates. This increased adoption of cloud computing has adversely affected security practices that are not fully transferable from on-premise security programs. 

This course will provide a foundational understanding of what is required to secure a cloud ecosystem, regardless of the vendor. The concepts and principles discussed will help bridge the gaps between traditional and cloud architectures while accounting for the shifting thought patterns involving enterprise risk management. Students who complete this course will enter into any organization utilizing the cloud and immediately bring value to the infrastructure and security teams.

Syllabus

https://api.heinz.cmu.edu/courses_api/course_detail/95-746/

Class format

Lecture and project-based 

Home department

Heinz

 

Background required

None

Learning objectives

  • Understand core cloud computing concepts and fundamental principles, including standard delivery models and service designs.

  • Understand the foundational security practices that are required to secure modern cloud computing infrastructures.

  • Understand the differences between traditional data security practices and cloud-based data security methodologies.

  • Understand the identity and access management practices of both cloud providers and consumers. 

  • Understand how to protect data-at-rest, data-in-transit, and data-in-use within a cloud environment. 

  • Understand standard cloud security network designs and architecture models. 

  • Understand the complexity of cloud threat actors and techniques used to attack a cloud computing infrastructure

  • Understand the regulatory requirements needed to secure data in the cloud and the difficulties in meeting those requirements.

Faculty and instructors who have taught this course in the past

George Werbacher