Roadmap to cloud success | TahawulTech.com

By Adelle Geronimo

As the cloud continues to grow at a rapid and unmitigated pace, IT and business leaders need to ensure that key people within their organisation are equipped with the skills to effectively and securely leverage its benefits. SANS Institute Fellow Instructor Frank Kim discusses how the company’s latest curriculum can enable enterprises to future-proof their cloud strategies.

It is undeniable that many organisations start their journey to the cloud with cost optimisation as the primary goal. However, they soon realise that beyond cost-savings there’s a plethora of benefits that they can gain, key among which is the capability to drive innovation.

The shift to the cloud enables enterprises, no matter the size or industry, to develop novel ways to bring products and services to market much faster.

SANS Institute Fellow Instructor Frank Kim

Over the last few years, the cloud has evolved from being an industry buzzword to a catalyst for digital transformation. Cloud is enabling a whole host of innovations, enabling organisations to thrive and stay competitive amid the increasingly digital ecosystem. However, while the shift to the cloud presents boundless opportunities, it is not without its challenges.

According to recent industry studies, organisations often face the challenge of having to deal with misconfigured cloud platforms, which poses a big security threats. Such bottlenecks are often attributed to the lack of cloud security talents within enterprises today. In fact, a report by US-based cloud computing firm Logicworks noted that 86 percent of IT decision-makers believe that the shortage of talent is slowing down their cloud initiatives.

This highlights why it is imperative for organisations to ensure that their security teams have the right talents that will enable them to efficiently and securely harness the value of the cloud.

To help modern enterprises cope with the growing challenges and provide IT teams with the right skills and knowledge, global information security training and security certification SANS Institute has launched a robust cloud security curriculum.

“The cloud makes it immensely easier for anyone to deploy new services. This increases the opportunity for shadow IT to arise and exacerbates the possibility that sensitive data may be stored and used in unknown or inappropriate ways. The lack of proper knowledge of cloud capabilities leads to cloud misconfigurations and insecure use of services, resulting in data breaches, reputational damage, and potential fines,” says Frank Kim, Fellow Instructor, SANS Institute.

Cloud computing has become a major defining factor in the current and future state of information security, with the business reasons for moving to the cloud simply too overwhelming to ignore. According to an IDC study, more than 80 percent of companies are already using cloud services and cloud technology or are dealing with it intensively.

“Just as the web defined the last 20 years of technology change, the cloud will be the defining element of the next 20 years,” says Kim. “Security must be part of this evolution in order to succeed. In terms of industry momentum, we’ve now reached the point where every cybersecurity professional needs to be knowledgeable about the cloud. This means that security professionals must focus on where the cloud is going, not where it is today.”

Kim, who is also the founder of security consulting and CISO advisory firm ThinkSec and the lead for the SANS Cloud Security curriculum, highlights that to succeed in cloud security organisations need talents that have hands-on technical experience and cloud security-specific knowledge. “IT and security professionals today must be prepared not only for their current role but also for a cutting-edge future in cloud security,” he adds.

Organisations today are adopting DevOps practices to get features and functionality to market faster that will enable them to take full advantage of the cloud. However, security often struggles to keep up. Additionally, with the rapid adoption of cloud services and platforms, it is now more pertinent than ever for security teams to understand the techniques and tools that will allow them to effectively monitor their environments for malicious activity.

To help IT and security professionals find the best starting point, SANS Institute has created a Cloud Security Flight Plan that will help them progress in their professional cloud security journey:

Baseline – Courses that impart the baseline skills required of any information security professional involved in Cloud Security, whether active practitioner or manager

Foundational – Courses that provide the basic knowledge to introduce students to a required skill set for the Cloud Security industry as a whole.

Core – Courses that prepare professionals for more focused job functions in Cloud Security, including manager, architect, engineer, analyst, and developer.

Specialisation – Courses for critical, advanced skills, or specialised roles in Cloud Security

Management – Courses for leaders, managers, directors developing a cloud security roadmap, plan, procurement models, and ensuring policy and procedure are defined to support cloud

The flight plan includes the following courses:

“In the cloud, all things are dependent on applications, code, and automation. As such, we have augmented our curriculum to deliver a more holistic approach to cloud security,” explains Kim.

Many security professionals today are well-versed in traditional security tools and techniques. But as networks rapidly expand to include the cloud, the challenges are becoming even more acute.

“Our curriculum has been developed through an industry consensus process and is a holistic approach to address the gaps in cloud security,” says Kim. “This includes multi-cloud and hybrid cloud scenarios for the enterprise and developing organisations alike. They need to understand that they should not only learn the ins-and-outs of one platform, as the future demands in-depth technical abilities coupled with security knowledge for each big cloud service provider.”

Kim also points out that with the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles and how they can help students progress even further in the future.

“Our curriculum offers a comprehensive approach to cloud security,” he explains. “Our courses range in complexity for those new to the cloud as well as those who have been around for the block a few times. If you are a developer, an architect, an engineer, an analyst, a manager or a new security professional, the SANS Cloud Security Curriculum has the right content and training for you.”

Looking ahead, Kim says security professionals across the globe can expect new courses, certifications, and free resources such as posters, cheat sheets, whitepapers and webcasts.

Upcoming courses

SEC388: Introduction to Cloud Computing and Security

SEC557: Continuous Automation for Enterprise and Cloud Compliance

FOR509: Cloud Forensics and Incident Response

Survey reveals misalignment between cybersecurity and business goals in the UAE and KSA

Bybit opens global headquarters in Dubai on the heels of 50% increase in user base

DIFC Courts reinforces its commitment to sustainability following expansion of its digital infrastructure

NETSCOUT adds new data centre presence in Dubai with added Arbor Cloud Capabilities

Dubai ranks as the second most crypto-ready city in the world

LinkShadow reinforces its commitment to Saudi Arabia

Huawei Cloud’s Riyadh launch boosts Saudi tech advancement

Cisco unveils new data centre to enhance security services in Saudi Arabia

Survey reveals misalignment between cybersecurity and business goals in the UAE and KSA

Google Cloud announce significant new collaboration with Saudi Pharmaceuticals giant

KROHNE delivers insights to inspire the next generation of engineers in Oman

Oracle supports major project to accelerate Oman digital economy

Ooredoo accelerates cybersecurity in Oman with new deal

Omantel selects Ericsson to manage its nationwide multi-vendor networks

Oman TRA shares plans to accelerate 5G deployment

BDB launches “tijara” platform for SMEs

Bahrain achieves full nationwide 5G coverage

Batelco, SonicWall launch integrated security solutions for SMEs in Bahrain

Bahrain to offer COVID-19 test results on WhatsApp, Facebook Messenger

Infor supports Bahrain’s digital transformation

Infopercept opens its first Middle East office in Kuwait

Microsoft Compliance Manager now available in Kuwait

Commercial Bank of Kuwait gets mobile payments moving with Thales Digital Solutions

Ooredoo chooses Fortinet to deliver secure SD-WAN managed services in Kuwait

Zain rolls out first-ever 5G roaming service in MENA

Looking for the best label solutions in South Africa? Go OKI!

OKI is only going bigger in the South African market!

Huawei honours Women in Tech at Apps UP 2022

Amazon payment services launches in the MENA region

Egypt turns to AI to deliver COVID-19 diagnosis service to People of Determination

Vertiv extends partnership with MDS SI Group to enhance digital infrastructure solutions

Bosch sees 21% sales surge in the Middle East

“AI has been in Google’s DNA from the beginning – we are an AI-first company” – Tarek Khalil, Google Cloud

How companies can future-proof their business with Web3

“Diversity, equity and inclusion are a core part of our culture and values at AWS” – Yasmine Afifi

Gender Lens investing vital to economic recovery

Virgin Hyperloop unveils location for Hyperloop certification centre

TikTok taps Oracle as secure cloud provider

Zoom gets security boost with Keybase acquisition

Why collaboration is the answer to the successful roll-out of 5G

OPSWAT invests $10 Million in scholarship learning program to help close cybersecurity skills gap

Alef Education showcases the Alef Metaverse to improve climate education at COP28

Bybit and AUS unveil the tech talents of tomorrow

How digital education solutions can help students achieve their full learning potential

Seeds for the Future 2023: Huawei gathers ME & CA’s brightest ICT talent in Qatar

Huawei launches ground-breaking solar inverter at World Future Energy Summit

Middle East Energy to further boost their sustainability agenda

EDF UK selects Dynatrace to keep the power flowing

KROHNE harnessing the power of analytics to drive energy transformation

“All of us are pulling in the right direction for a better tomorrow” – Frank Janssens, VP at KROHNE

Above and ‘Beyon’ – New Money SuperApp launched in the UAE

New cross-border payments platform Digit9 launches in the UAE

Hub71 partners with global economic transformation specialist on MENA start-up ecosystem

Spheroid Universe coin to be listed on MEXC exchange

DIFC Innovation Hub launches AccelerateHER program

Innovating Finance: UAE’s Pioneering Role in the Blockchain and Crypto Landscape

Pioneering Sharjah’s Digital Revolution

Interview: Shaping a Secure World

Dubai Chamber of Digital Economy scouts Asia for tech start-ups

Government leaders from IT sector honoured at GovTech Innovation Awards

Dubai Science Park study backs R&D localisation amid projected surge in UAE healthcare spending

MarkiTech expands GCC footprint

MoHAP Launches Health Sector’s First National Centre of Excellence for AI

Korian Benelux future-proofs residential Care with AI-driven solutions

SAS accelerates responsible innovation efforts with new collaborations

Digitalisation key to accelerating construction development in Middle East, says Trimble

R&M Introduces First Single Pair Ethernet System to Support Middle East Smart Building Trend

To ‘upsmart’ your building, start with the elevator

Renters searching for homes online surge amid coronavirus fears

Emirati tech entrepreneur launches new app to ease Dubai’s rental woes

Brands Beware: The Application Generation Demands Seamless Digital Experiences

Opinion: Brands must respond to meet heightened customer expectations

Thriwe: Enhancing the Omni-channel experience

Navigating the Festive Cyber Landscape: Ensuring Online Safety during Holiday Shopping

Celebrate the Dubai Shopping Festival with Eros Electronics’ exclusive deals

Interview: OTIFYD’s intelligent approach to cybersecurity

Extreme Introduces Hub for Research, Development and Innovation in Networking

Interview: AI continues to strengthen cyber defence

Help AG Unveils Top Digital Threats and Trends in Cybersecurity

AVEVA launches CONNECT, the world’s leading industrial intelligence platform, at Hannover Messe