Mitigating Security Risks: Information, Cloud, & Data Security Risk Considerations
IT Security
| Intermediate
- 11 videos | 55m 22s
- Includes Assessment
- Earns a Badge
To keep your organization's data secure, you need to know why your data is at risk and how to protect it using established principles and standards. In this course, you'll explore commonly used techniques to compromise data and how international best practices can help protect against these breaches. You'll start by examining three fundamental information security principles, which define information security policy and help identify risks. You'll then outline data breach methods and identify the targets of these threats. Next, you'll investigate what's meant by 'the human factor' and why it's key to any attack. You'll then study how technologies to secure data and information work under the hood. Moving on, you'll outline primary worldwide information security regulations and governance frameworks. Lastly, you'll examine why the ISO 27017 cloud security principles need to be considered when formulating a cloud security risk management plan.
WHAT YOU WILL LEARN
-
Discover the key concepts covered in this courseDescribe commonly used methods to compromise information securityList three fundamental information security principlesDescribe some threats to information security principlesRecognize through examples how the human factor is a key source of data theftState some key technologies to secure data and information
-
Identify the key worldwide information security regulations and governance frameworksDescribe the need for cloud securityDescribe the benefits of cloud securityOutline the iso 27017 cloud security principles that should be considered when formulating a cloud security risk management planSummarize the key concepts covered in this course
IN THIS COURSE
-
1m 46sIn this video, you’ll learn more about your instructor and this course. In this course, you’ll learn about the three key information security principles. You’ll also learn about the human factor that’s the key to any attack in the cybersecurity arena. Later in the course, you’ll learn about the key technologies that can be used to secure data. You’ll discover the various regulations and standards. You’ll also learn about cloud security and the challenges. FREE ACCESS
-
8m 46sIn this video, you’ll learn the definition of Data Compromise and the methods used for Data Compromise. Data Compromise is an incident in which confidential data loses its confidentiality and integrity as it was viewed, used, or stolen by unauthorized individuals. Data comprise involves two things. One is that the data loses its confidentiality, meaning that unauthorized entities have gotten access to the data. It also loses integrity because it's been viewed, modified, or stolen. FREE ACCESS
-
5m 12sIn this video, you’ll learn about information security principles. You’ll also learn about risk management and the CIA triad. You’ll learn about security policy and the CIA triad. Remember CIA triad stands for Confidentiality, Integrity, and Availability. Here, confidentiality refers to keeping information private and giving access only to authorized individuals. Integrity refers to retaining the original quality of something. Availability refers to the fact that data must be available to authorized users when required. FREE ACCESS
-
5m 55sIn this video, you’ll learn about threats to information security principles. The first is personal and organizational information theft. With any type of data theft, unauthorized entities have access to that particular data. This means the data is no longer considered confidential because its access is now with unauthorized entities. Next, you’ll look at stolen credentials. This means somebody hacks into a database and steals user credentials. This is considered a threat to confidentiality. FREE ACCESS
-
5m 39sIn this video, you’ll learn about humans in cybersecurity and the risks generated by humans. You’ll learn humans are considered to be the weakest link in the cybersecurity chain because they have psychological flaws which are often exploited by threat actors. Threat actors do this through social engineering. You’ll learn there are different tactics used in social engineering to create fear. FREE ACCESS
-
6m 48sIn this video, you’ll learn about the types of protection measures you can use to protect information security principles. Then, you’ll learn about the technologies you can use to secure data's confidentiality, integrity, and availability. You’ll discover that other than technical, you’ll have organizational, human and physical controls. You’ll look at each of these controls here. FREE ACCESS
-
4m 38sIn this video, you’ll learn about regulations and governance frameworks. The first one you’ll learn about is the Health Insurance Portability and Accountability Act, or HIPAA. HIPAA protects sensitive patient health information. Next, is the Gramm-Leach-Bliley Act, or GLBA. This act applies to institutions that deal with loans, finance, or investment. It safeguards sensitive data of customers. Finally, you’ll learn about the Homeland Security Act which was designed to protect the US from terrorist attacks. FREE ACCESS
-
5m 8sIn this video, you’ll learn about cloud security. Cloud security is a combination of policies, controls, procedures, and technologies that help protect the cloud infrastructure, applications, and the data or the information residing within systems in the cloud environment. Cloud security also includes the policies, security controls, and procedures implemented to safeguard data and applications within the cloud environment. You’ll learn cloud security must meet certain goals, like protecting data. FREE ACCESS
-
6m 15sIn this video, you’ll learn about the advantages of cloud security. You’ll also learn the challenges of cloud security. The benefits of cloud security include centralized security. This means there’s a level of security applied to the entire cloud created by the cloud service provider. You’ll also learn there are reduced costs with cloud security. Then, you have reduced administration. You're not responsible for the physical server. FREE ACCESS
-
3m 57sIn this video, you’ll learn about ISO 27017 and its relation to ISO 27001 and 2. You’ll learn ISO 27017 provides guidance on the security controls for the cloud environment. It’s a supplement to the existing ISO 27001 and 2. It takes the existing controls from ISO 27001 and 27002 and it adds on more controls on top of that, keeping the existing controls from these two standards. FREE ACCESS
-
1m 19sIn this video, you’ll summarize what you’ve learned in the course. You’ve learned the basic concepts of Information, Cloud, and Data Security Risk Management Considerations, along with the other concepts related to it. You explored common methods for data compromise, information security principles, threats to information security principles, the human factor, and the technologies to secure data. FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.