November’s security awareness topic is cloud computing

Outline and scope New this month

Thumbnail of one of the poster images in the moduleCloud computing is a strong and still growing part of the IT industry.  It’s a hit!

However, the relative novelty of cloud computing puts inexperienced managers, staff and professionals at a disadvantage: lacking appreciation of the technology and the commercial/business context, the information risks and especially the security and other cloud-related controls aren’t exactly obvious.  Information security (in the broadest sense – not just IT or cybersecurity) is a major concern with cloud computing, a source of aggravation and costs for the unaware. 

Simply put, securing the anticipated business benefits of cloud computing involves addressing the information risks that are associated with it.  If the risks are simply ignored, the benefits may be reduced or destroyed by costly security incidents. 

Learning objectives

November’s security awareness module is intended to:

  • Introduce and outline cloud computing, providing general context and background information (e.g. explaining why so many organizations are eagerly adopting it) with as little techno-babble as we can get away with;
  • Inform workers about the information risk and security issues and concerns relating to or arising from cloud computing (e.g. the organization’s partial loss of control over its information), plus the business benefits (e.g. reduced costs, greater resilience and flexibility, plus access to cloud specialists).  We’re promoting a balanced view;
  • Encourage those considering, specifying, evaluating, contracting for, using or managing cloud computing to identify, analyze and address the information risks, typically through appropriate controls that secure the business benefits as much as the data;
  • Promote information risk and security management as a business enabler, without which cloud computing would be unacceptably risky.

Review your organization’s use of cloud computing - the apps, dependent business processes, strategies, policies and incidents.  Are there any cloud -related risks on the corporate radar?  How well are they understood and treated?  What’s missing?  What stands out?  Talk to the relevant experts about it.  Flush any issues and ideas into the open, incorporating them where appropriate into your awareness delivery.

Contents listing

Just an outline!

Just an outline!

Get this module

Subscribe to the NoticeBored service to receive this module, plus similar batches of security awareness and training materials delivered fresh to your organization every month.  We offer a wealth of top-quality creative content on a market-leading range of information risk and security topics making it easy and economic for you to run a world-class security awareness and training program.

Email us to set the ball rolling.  Find out what it takes to get your security awareness and training program quickly up to speed, for a lot less than you might think.  We’re a small company with a big reputation for quality and innovation.

If you ONLY want this module, we can do that too.

What’s next?

Tag along with us on NBlog as we work on the next awareness topic.  In addition to clues about what’s coming up, we share hints and tips on making security awareness more effective.

Home > NB this month >

Copyright © 2018 IsecT Ltd.