Cloud Security training plan

The main challenges on the journey to the cloud are not technical; one of the most important is training.

It is a key success factor that your analysts know about the infrastructure they need to protect.

Here’s some advice on how to create the learning path for your organization:

  • Implement mandatory Security Awareness training for all employees (if you don’t have one, a free one from Amazon is described below)
  • Create a learning path with deadlines for all the employees working with the cloud that includes what they need to learn within the first day, the first week, the first month, the first 3 months. Track progress.
  • Include foundational cloud infrastructure skills in the training
  • Create “add-ons” to the general learning path: skills like pentesting for people on your red team, and incident response in the cloud for people on your blue team.
  • Your cloud security team should prepare for the AWS Certified Security Specialty certification, as it helps ensure the team has a good understanding of the AWS Security functionalities.

AWS Skill Builder

Skill Builder offers many on-demand video trainings for free: Skill Builder. Some trainings require a subscription (not free), mainly the ones that include hands-on labs and AWS Jams. More details here.

Ramp Up Guide

There are many training resources available in the Ramp-Up Guide.

Formal education

If you prefer formal education guided by an instructor, with labs, you can leverage the Architecting on AWS course, which will help you understand the infrastructure you need to protect, and the Security Engineering on AWS course, which is an excellent resource for gaining theoretical and practical foundations. Both courses are 3 days long and are available in multiple languages.

https://d1.awsstatic.com/training-and-certification/Learning_Paths/LearningPath_Security.pdf

Workshops

To gain hands-on experience, there are numerous security workshops on AWS at https://workshops.aws that you can run in your own AWS accounts, or in temporary AWS accounts if you have an AWS Skill Builder subscription.

AWS Certified Security Specialty Certification

The AWS Certified Security Specialty certification will help you validate that your team has the knowledge required to perform their role, or to show your peers that you managed to acquire that knowledge.

To study for the certification, there are many resources, including this book, where you will find the theory, practical exercises, tips and sample test questions to evaluate your knowledge, and identify areas of improvement: Study Guide: AWS Certified Security Study Guide: Specialty (SCS-C01) Exam

For more details about the structure of the exam, check out the AWS Certified Security Specialty Exam Guide.

Webinars

I also invite you to visit the Webinars section, where you can watch more in-depth videos on different AWS Cloud Security topics.

Security Awareness Training

Finally, besides the cloud security training, ensure that ALL employees in your company go through Security Awareness Training periodically, so that they are aware of how adversaries operate and do not disclose sensitive information or do insecure things like sharing passwords or using insecure communication channels.

Amazon provides its own Cybersecurity Awareness training for FREE, and it’s available in multiple languages.
https://learnsecurity.amazon.com/
It’s available without branding, so you can download the course and include it in your Learning Management System.

Events

AWS hosts numerous events where you can learn more about AWS technology, best practices, and get an in-depth look at what’s new.

Recordings of the events are available in the AWS Events channel: https://www.youtube.com/@AWSEventsChannel