Get startedGet started for free

Introduction to cloud security domains

1. Introduction to cloud security domains

In your role as a cloud security professional, you’ll need to be aware of your organization’s cloud security domains. These domains can help you with resource planning, training, and compliance, which are key to securing the business. In this video, we’ll discuss domains and how they can help you secure assets in the cloud environment. The International Information System Security Certification Consortium, or ISC2, is a non-profit organization specializing in training and certifications for cybersecurity professionals. For ISC2, a security domain is a collection of tightly coupled security practices that address a specific security discipline. For example, domains help to ensure that you have the right processes, skills, and tooling in application development, so that you can properly and securely write and run code. There are six security domains or categories identified by the ISC2 Certification for Cloud Security Professionals or CCSP. Domain 1 focuses on cloud concepts, architecture, and design. Domain 2 consists of cloud data security. Domain 3 addresses cloud platform and infrastructure security. Domain 4 covers cloud application security. Domain 5 investigates cloud security operations. And lastly, Domain 6 explores legal, risk, and compliance. It’s important to keep in mind that these domains have no clear boundaries. In other words, tasks completed in one domain can also be relevant in other domains. For example, there are controls in each domain that deal with things like authentication and access control. Security leaders use domains to ensure that there are no gaps or oversights in an area of security. In your role as a cloud security professional, domains can help you choose your discipline and your job skill focus. For example, you might choose to work in the cloud security operations domain. Knowing the skills and work that make up that domain would help you plan a development path to build relevant skills and experiences on your career journey. Let’s explore the different domains. The cloud concepts, architecture and design domain focuses on high-level security that aligns with your organization's objectives. In the same way that an architect makes plans and designs for a house based on specifications, this domain is responsible for ensuring that the security designs and services will meet the business needs of the organization. Next, the cloud data security domain focuses on security of data within the cloud environment. It includes all procedures used in designing and implementing encryption, access controls, data loss prevention, and tokenization techniques to ensure the confidentiality and integrity of data. Identifying and classifying data is critical to this domain. Controls are matched according to the value and sensitivity of data as well as relevant laws and regulations. This domain is like the plumbing of the cloud environment. It determines how communication will happen, and how data will move into and out of the systems under control, like water running through pipes into and out of a building. The cloud platform and infrastructure security domain addresses the virtual and physical security threats to cloud infrastructure, including cloud infrastructure connections, cybersecurity, and the implementation of audit tools. People working in this domain could be compared to builders laying a good foundation for the rest of the structure that will be built. The cloud application security domain focuses on how applications for the cloud environment should be built, released, and maintained. This might include investigating all cloud computing application security challenges, including identity and access management, developing secure software, threat modeling, and validating software security through testing. This domain could be compared to a carpenter that uses raw materials to build sound structures to secure the inside and outside of the house from internal and external threats. The cloud security operations domain covers how to securely operate the designed, built, and deployed environment, including how to respond to events and restore the environment to a secure state. This domain addresses issues that arise from using cloud computing services. It focuses on responding to and resolving any issues that may impact the confidentiality, integrity, or availability of applications running in the cloud. This may include attacks, configuration mistakes, or even cloud provider outages. This domain could be compared to the person that is responsible for installing final safety features like alarm systems and smoke detectors after a building is built. People in this domain focus on safety and alerts once the cloud structure has been built. Finally, the legal, risk, and compliance domain focuses on the legal and regulatory implications of cloud-based applications. It explores how cloud computing influences business risk management and how cloud security controls are audited. This domain is like an inspector that makes sure everything in a building complies with standards and regulations. That was a lot of domains. Understanding each of these domains will help you be a more well-rounded and effective security professional and possibly find the right domain fit for your next role in cloud security. Now that you know about security domains and what they do, you will be able to discuss and analyze the different domains within the cloud environment.

2. Let's practice!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.