You are leaving our Website
Using an external Link:
You are now leaving our website. The following page is operated by a third party. We accept no responsibility for the content, data protection, or security of the linked page..
URL:
CL130: Cloud Information Security according to ISO/IEC 27017/27018
Training: Security - Cloud - Virtualization
ISMS managers, cloud architects, and information security officers receive a practical introduction to the secure adoption and use of cloud services in accordance with ISO/IEC 27017/27018. The course covers methods for integrating cloud services into an ISMS, as well as concepts for secure cloud architectures and implementations. It also addresses advanced requirements such as BSI™ C5, applied in practice in the context of information security and compliance.
Start: 2025-12-08 | 10:00 am
End: 2025-12-10 | 05:00 pm
Location: Nürnberg
Price: 2.100,00 € plus VAT.
Start: 2026-01-26 | 10:00 am
End: 2026-01-28 | 05:00 pm
Location: Nürnberg
Price: 2.100,00 € plus VAT.
Start: 2026-05-11 | 10:00 am
End: 2026-05-13 | 05:00 pm
Location: Nürnberg
Price: 2.100,00 € plus VAT.
Start: 2026-09-14 | 10:00 am
End: 2026-09-16 | 05:00 pm
Location: Nürnberg
Price: 2.100,00 € plus VAT.
Start: 2026-12-07 | 10:00 am
End: 2026-12-09 | 05:00 pm
Location: Online
Price: 2.100,00 € plus VAT.
Agenda:
- Motivation and fundamentals
- Cloud computing fundamentals
- Concepts
- Reference architecture
- Shared responsibility model
- Cloud security
- Threats and attack vectors
- Security concepts
- Cloud security services
- Azure
- Google™ Cloud Platform (GCP)
- AWS™
- Cloud computing fundamentals
- Important standards/norms, certificates and best practices
- Standards and norms
- ISO/IEC 27001
- ISO/IEC 27017/18
- BSI™ C5
- NIST SP 800-xx
- NIST cyber security framework
- CIS
- ...
- Personal certifications
- CSA CCSK
- ISC2™ CCSP
- Product certifications
- Azure security engineer
- Google™ cloud security engineer
- AWS™ certified security
- Standards and norms
- Organizational requirements and recommendations for cloud security
- Management (ISMS, security controls, DR, BCM)
- Implementation planning
- Implementation rollout
- Implementation review and adjustment
- Risk management and analysis
- Cloud onboarding process
- Reporting
- Auditing and compliance
- Strategic tool usage
- Azure: Compliance manager
- Google™ Cloud: Security command center
- AWS™: AWS™ security hub
- Management (ISMS, security controls, DR, BCM)
- Technical requirements and operational cloud security operations
- Typical cloud and multi-cloud architecture
- Data security and architecture
- Zero trust
- Design and operations of secure cloud applications
- Identity and access management
- Cloud security monitoring (monitoring, incidents, forensics)
- Tactical and operational tool usage
- Discussion and summary
Objectives:
We provide you with comprehensive knowledge for the planning, implementation, monitoring, and improvement of Cloud Information Security in the context of recognized Cloud Security Frameworks. In this intensive training, participants acquire in-depth knowledge of the necessary steps for compliant and secure cloud operations.
For the secure and compliant introduction of cloud services, the following topics are covered:
- Appropriate frameworks, norms, and standards.
- Security architecture and policies for cloud infrastructures and their criteria to ensure that data and resources are adequately protected.
- The Shared Responsibility Model in relation to security.
- New security models in the cloud such as Zero Trust and their possible implementation.
- Identity and access management to ensure that only authorized users can access cloud resources.
- Data and application security: encryption concepts and securing the various service models.
- A pragmatic overview of possible solution approaches with different providers (Azure, Google™ Cloud, Amazon Web Services).
Two standards in the ISO 27000 series have specifically focused on this topic:
- ISO/IEC 27017 addresses both the use of cloud solutions and the provision of cloud services.
- ISO/IEC 27018 relates to the protection of personal data in public cloud solutions.
Guiding questions:
- What opportunities do the security frameworks and concepts offer for companies that want to use cloud services as well as for companies that offer cloud services?
- How can cloud security be expanded or addressed within the framework of an ISMS with ISO/IEC 27017/18?
- What implementation possibilities (design principles) can be used in the context of a security architecture?
Furthermore, the course CL130 provides a good basis for further advanced courses, such as:
Target audience:
- Information Security Officers
- CISOs
- Compliance Officers
- Cyber Security Architects
- Cloud Competence Center
- Data Protection Officers
Prerequisites:
To understand the course content and learning pace in the course CL130 Cloud Information Security according to ISO/IEC 27017/27018, the following knowledge is necessary or advantageous:Function and structure of an ISMS according to ISO/IEC 27001.
Alternatively, attend the workshops SC120 ISMS Implementation according to ISO 27001:2022 and CL120 Cloud Compliance – Standards, Security Requirements, Solution Approaches.
Description:
Digitalization is advancing relentlessly, both in the private sector and in government agencies. To unlock the full potential of digitalization, there is no way around the cloud. But how can an adequate level of security be achieved when using the cloud?
While the course CL120 Cloud Compliance – Standards, Security Requirements, Solutions focuses on aspects that must be considered before using cloud services (such as regulatory and legal requirements regarding contract design, information security, and data protection), the workshop CL130 Cloud Information Security according to ISO/IEC 27017/27018 builds on this and is dedicated to the secure introduction and use of cloud services, i.e., the concrete implementation of these requirements. Topics already covered, such as BSI™-C5, are deepened and concretized in a practical manner.
Participants will receive in this three-day workshop a solid overview of the possibilities of handling cloud services within an ISMS and guidance on secure cloud architecture and implementation.
Guaranteed implementation:
from 2 Attendees
Booking information
Price:
2.100,00 € plus VAT.
(including lunch & drinks)
Exam (Optional):
100,00 € plus VAT.
Appointment selection:
Testimonials:
Authorized training partner
Authorized training partner
Memberships
Memberships
Shopping cart
CL130: Cloud Information Security according to ISO/IEC 27017/27018
was added to the shopping cart.