Overview

A hands-on toolkit for securing contemporary cloud environments In Cloud Security Fundamentals: Building the Foundations for Secure Cloud Platforms, cybersecurity leader and educator, Jason Edwards, delivers a comprehensive guide to safeguarding data, applications, and infrastructure in the cloud. The author offers a complete walkthrough of cloud security, moving from foundational concepts to advanced, forward-looking practices. The book is filled with practical examples, hands-on guidance, and lessons drawn from real-world cloud security incidents and breaches. It equips readers with the tools and knowledge they need to defend against threats in cloud environments and how to understand coming developments in cloud technology that will impact organizations in all industries. Inside the book: A thorough introduction to cloud-native and advanced security practices for contemporary firms A chapter on relevant cloud security certifications and professional growth advice Practical discussions of foundational concepts in cloud security, including IAM, Zero Trust, and DevSecOps Complete treatments of advanced cloud security themes, like leadership strategies, operational best practices, and techniques for dealing with common and emerging threats Perfect for cloud security professionals, IT managers, and DevOps professionals, Cloud Security Fundamentals will also benefit system administrators, compliance and risk officers, consultants, auditors, and technology students in a variety of fields who require a foundational understanding of cloud security concepts.

Full Product Details

Author:   Jason Edwards (Birkbeck, University of London, UK)
Publisher:   John Wiley & Sons Inc
Imprint:   John Wiley & Sons Inc
ISBN:  

9781394377732

ISBN 10:   1394377738
Pages:   464
Publication Date:   26 March 2026
Audience:   Professional and scholarly ,  Professional & Vocational
Format:   Hardback
Publisher's Status:   Forthcoming
Availability:   Awaiting stock  

Table of Contents

Table of Contents   Dedication Acknowledgements Preface Chapter 1: The Strategic Importance of Cloud Security. 3 Cloud as the Default Operating Model 3 Business Drivers and Return on Security Investment. 4 Evolving Risk Landscape in Cloud Contexts. 8 Misconceptions and Shared Responsibility Realities. 11 Cloud Security as a Business Enabler. 14 Strategic Alignment Between Security and Enterprise Goals. 17 Conclusion. 20 Recommendations. 20 Chapter 2: Foundations of Cloud Computing. 23 Historical Roots and Computing Paradigms. 23 Core Cloud Service Models. 25 Deployment Models. 28 Enabling Technologies: APIs, Virtualization, Containers. 32 Infrastructure as Code and Automation Foundations. 35 Cloud Economic Models and Abstraction Layers. 38 Cloud Provider Ecosystems and Market Differentiation. 41 Conclusion. 45 Recommendations. 45 Chapter 3: The Modern Cloud Security Landscape. 48 Emerging Threats in Cloud Environments. 48 Cloud-Specific Vulnerabilities and Attack Vectors. 51 Deep Dive: Shared Responsibility Model by Service Tier. 54 Limitations of Legacy Security Models in Cloud Contexts. 58 Security Investment Patterns and Innovation Drivers. 60 Cloud Security Maturity and Adoption Models. 64 Conclusion. 67 Recommendations. 67 Chapter 4: Secure Cloud Architecture and Design. 70 Secure-by-Design Principles for Cloud Infrastructure. 70 Identity, Trust Boundaries, and Access Zones. 73 Resilience, Redundancy, and High Availability Design. 75 Secure Networking and Micro-Segmentation Models. 78 Data Flow Mapping, Isolation, and Asset Tiering. 82 Avoiding Cloud Security Anti-Patterns. 84 Compliance-Ready Architectural Planning. 88 Conclusion. 91 Recommendations. 91 Chapter 5: Identity and Access Management (IAM) in the Cloud. 94 Identity as the Security Perimeter. 94 Authentication Protocols and Adaptive Techniques. 96 Authorization Models: RBAC, ABAC, and Fine-Grained Access. 99 Privileged Access Management (PAM) at Cloud Scale. 102 Lifecycle Automation for Identity Provisioning and Decommissioning. 105 Foundational IAM Architecture and Operational Best Practices. 110 Conclusion. 113 Recommendations. 113 Chapter 6: Securing Data in Cloud Environments. 116 Data Classification and Inventory Across Cloud Assets. 116 Encryption in Transit, At Rest, and In Use. 118 Key Management: HSMs, KMS, Rotation, and Escrow.. 121 Data Residency, Sovereignty, and Jurisdictional Compliance. 125 Backup, Archival, and Disaster Recovery for Data. 128 Insert Table 6-2. 130 Data Loss Prevention (DLP) and Leak Surface Reduction. 130 Conclusion. 134 Recommendations. 134 Chapter 7: Monitoring, Detection, and Incident Management. 137 Foundations of Logging and Security Telemetry in the Cloud. 137 Threat Detection: Real-Time Event Correlation and Context. 139 Security Monitoring Across Multi-Cloud Architectures. 143 Incident Detection and Early Escalation Strategies. 146 Automation and Orchestration in Incident Response. 149 Metrics, KPIs, and Threat Intelligence Integration. 152 Post-Incident Review and Root Cause Analysis. 155 Conclusion. 158 Recommendations. 158 Chapter 8: Security Automation and DevSecOps. 161 DevSecOps Principles and Security Integration Models. 161 Secure CI/CD Pipeline Design and Control Points. 163 Infrastructure as Code (IaC) Security and Policy as Code. 166 Managing Secrets in Automated Development Workflows. 170 Automating Compliance Validation in Build Pipelines. 172 Governance Enforcement Through DevSecOps Tooling. 175 Conclusion. 178 Recommendations. 178 Chapter 9: Advanced Architectures and Specialized Domains. 181 Container Security and Kubernetes Hardening. 181 Serverless and Event-Driven Architecture Security. 183 API Security: Design, Authentication, and Rate Limiting. 187 Supply Chain and Dependency Risk in Cloud Applications. 190 Implementing Zero Trust in Cloud-Native Environments. 193 Security for Edge, IoT, and Distributed Cloud Models. 196 Resilience Engineering and Chaos Security Practices. 199 Conclusion. 203 Recommendations. 203 Chapter 10: Cloud Governance, Risk, and Compliance (GRC) 206 Foundations of Cloud Governance Structures. 206 Enterprise Cloud Risk Management Frameworks. 210 Mapping Regulatory Frameworks to Cloud Controls. 213 Cloud Audit Preparedness and Evidence Collection. 216 SaaS and Third-Party Governance Risk Strategies. 220 Conclusion. 223 Recommendations. 223 Chapter 11: Cloud Hardening and Configuration Management. 226 Core Principles of Secure Configuration and Hardening. 226 Baseline Standards for Operating Systems and VMs. 229 Container and Kubernetes Configuration Security. 232 Hardening PaaS and Managed Cloud Services. 235 Endpoint, Client, and Remote Access Configuration. 238 Infrastructure as Code for Baseline Enforcement. 241 Continuous Validation and Drift Detection Workflows. 245 Conclusion. 248 Recommendations. 249 Chapter 12: Cloud Security Testing and Validation. 251 Security Testing Methodologies in Cloud Contexts. 251 Continuous Vulnerability Assessment and Remediation. 254 Cloud-Aware Penetration Testing and Provider Constraints. 257 Security Testing in DevSecOps Pipelines (SAST/DAST/IAST) 260 External Testing, Bug Bounties, and Researcher Coordination. 263 Purple Teaming, Simulated Attacks, and Threat-Informed Defense. 266 Conclusion. 269 Recommendations. 269 Chapter 13: Secrets Management and Sensitive Asset Protection. 272 Defining Secrets and Sensitive Credentials in the Cloud. 272 Secure Secrets Lifecycle: Creation to Deletion. 275 Centralized vs. Decentralized Secrets Management Models. 278 Secrets Management in DevOps and CI/CD Workflows. 281 Just-in-Time Access and Privileged Credential Rotation. 284 Automating Secrets Management at Scale. 287 Conclusion. 290 Recommendations. 290 Chapter 14: Cloud Network Security. 292 Virtual Networking Foundations and Isolation Models. 292 Network Segmentation, Routing, and Secure Zones. 295 Cloud Firewall Configuration and Access Control Enforcement. 298 Web Application Firewalls (WAF) and API Gateway Security. 302 Secure Remote Access and Hybrid Connectivity Architectures. 305 Traffic Logging, Packet Inspection, and Anomaly Detection. 309 DDoS Protection, SDN, and Edge Network Security Techniques. 313 Conclusion. 315 Recommendations. 316 Chapter 15: Identity Federation and Multi-Cloud Access Integration. 318 Identity Federation Concepts and Cross-Domain Trust Models. 318 Federation Protocols: SAML, OAuth, and OpenID Connect. 320 Federation Architecture in Multi-Cloud and Hybrid Environments. 323 Designing Secure and Scalable SSO Systems. 326 Securing Federated Sessions, Assertions, and Tokens. 330 Governance, Logging, and Compliance for Federated Access. 333 Conclusion. 336 Recommendations. 337 Chapter 16: Serverless and Microservices Security. 339 Core Concepts of Serverless and Microservices Architectures. 339 Shared Responsibility in Serverless Execution Models. 342 Authentication and Authorization Across Microservices. 345 API Gateway Protection and Request Validation Techniques. 348 Securing Events, Queues, and Triggers in Asynchronous Systems. 351 Secrets and Data Handling in Ephemeral Execution Environments. 354 Runtime Monitoring and Isolation for Distributed Workloads. 357 Conclusion. 361 Recommendations. 361 Chapter 17: Data Privacy, Residency, and Protection Obligations. 364 Privacy Fundamentals in Cloud Contexts. 364 Data Residency, Localization, and Jurisdictional Compliance. 367 Applying Privacy by Design in Cloud Architectures. 370 Minimization, Pseudonymization, and Retention Strategies. 373 Subject Access Requests and Erasure Protocols. 377 Privacy Risk Assessment and Breach Notification Planning. 380 Conclusion. 384 Recommendations. 384 Chapter 18: Cloud Compliance and Regulatory Readiness. 387 Regulatory Scope and Interpretation for Cloud Services. 387 Mapping Frameworks: FedRAMP, ISO 27017, CSA CCM, etc. 390 Navigating Multi-Jurisdictional and Industry-Specific Regulations. 393 Automated Compliance Monitoring and Control Validation. 396 Evidence Collection, Documentation, and Control Traceability. 400 Cloud Vendor Compliance Oversight and Attestation Review.. 403 Strategic Compliance Roadmapping and Governance Alignment. 406 Conclusions. 410 Recommendations. 410 Chapter 19: Cloud Risk Management and Enterprise Integration. 413 Identifying and Categorizing Cloud Risk Vectors. 413 Embedding Cloud Risk into Enterprise Risk Frameworks. 415 Risk Quantification, Prioritization, and Response Planning. 418 Third-Party, SaaS, and Supply Chain Risk Management. 421 Shadow IT, Unmanaged Assets, and Risk Discovery Techniques. 425 Conclusion. 428 Recommendations. 428 Chapter 20: Cloud Monitoring, Logging, and Detection. 431 Principles of Observability in Cloud Infrastructure. 431 Centralized Logging Strategies Across Providers. 433 Real-Time Detection and Correlation with Native and Third-Party Tools. 436 Cloud SIEM, SOAR, and Automation Integration. 439 Behavioral Analytics and Anomaly Detection in Cloud Workloads. 442 Alert Tuning, Prioritization, and False Positive Reduction. 445 Maturity Models for Telemetry, Visibility, and Incident Readiness. 448 Conclusions. 452 Recommendations. 452 Chapter 21: Cloud Security Metrics and Performance Reporting. 455 Aligning Metrics with Business and Security Objectives. 455 Operational and Technical Metrics for Cloud Security Operations. 457 Compliance, Audit, and Control Effectiveness Indicators. 460 Tracking Remediation, Drift, and Security Posture Trends. 463 Maturity Models and Continuous Metrics Optimization. 466 Conclusion. 469 Recommendations. 469 Chapter 22: Threat Intelligence and Attack Surface Management. 471 Strategic Role of Threat Intelligence in Cloud Security. 471 Discovering and Mapping the Cloud Attack Surface. 473 Curating and Consuming External Intelligence Feeds. 476 Threat Modeling, Attribution, and Prioritization. 479 Integrating Threat Intelligence into Detection and Response. 482 Monitoring Internal and External Attack Vectors Continuously. 485 Collaborative Intelligence Sharing and Operational Integration. 488 Conclusion. 492 Recommendations. 492 Chapter 23: Incident Response in Cloud Environments. 494 Cloud-Aware Incident Response Planning and Governance. 494 Role Definitions, Escalation Protocols, and Communication Plans. 497 Detection, Validation, and Incident Categorization. 500 Containment, Eradication, and Cloud-Scale Recovery. 503 Forensic Considerations and Evidence Preservation. 506 Post-Incident Review, Root Cause Analysis, and Corrective Actions. 509 Integration of IR Playbooks with Cloud Automation and Orchestration. 512 Conclusion. 515 Recommendations. 516 Chapter 24: Cloud Forensics and Legal Considerations. 519 Foundations of Digital Forensics in Cloud Contexts. 519 Forensic Readiness: Controls, Logging, and Preservation Practices. 521 Integration of Forensics into Security Operations and IR. 525 Jurisdiction, Chain of Custody, and Legal Admissibility. 528 Collaborating with Cloud Providers During Investigations. 531 Regulatory Expectations for Investigations and Reporting. 534 Emerging Tools, Standards, and Future Forensic Models. 538 Conclusion. 541 Recommendations. 541 Chapter 25: Disaster Recovery and Business Continuity in the Cloud. 544 Strategic Foundations of Cloud DR and BCP Planning. 544 Cloud DR Models: Backup, Pilot Light, Warm Standby, Active-Active. 547 Identifying Critical Assets and Defining Recovery Objectives. 550 Automated Testing and Validation of DR Plans. 553 Ensuring Service Continuity for Distributed Cloud Systems. 556 Integration of DR with Resilience, Chaos Engineering, and Automation. 560 Maintaining Operational Continuity During Service Disruptions or Failures. 563 Conclusion. 567 Recommendations. 567 Chapter 26: AI-Driven Cloud Security and Automation. 570 Core Concepts of AI and ML in Cloud Security. 570 AI-Enhanced Threat Detection and Behavioral Analysis. 572 Predictive Risk Modeling and Security Forecasting. 576 Autonomous Incident Response and Workflow Optimization. 579 AI-Augmented Monitoring and Security Visibility. 582 Conclusions. 586 Recommendations. 586 Chapter 27: Quantum-Ready Security for Cloud Infrastructures. 589 Quantum Computing Fundamentals and Cloud Implications. 589 Cryptographic Vulnerabilities and Quantum Threat Timelines. 592 Post-Quantum Cryptography: Transition Strategies. 595 Quantum Key Distribution (QKD) and Next-Gen Encryption Models. 598 Inventorying and Replacing Classical Cryptographic Dependencies. 602 Conclusion. 604 Recommendations. 604 Chapter 28: Securing Cloud-Integrated IoT and Edge Computing. 607 Defining Cloud-Edge and IoT Integration Models. 607 Unique Threats in Edge and Distributed Environments. 610 Lifecycle Management for Devices and Firmware Security. 613 Hardening Edge Infrastructure and Protecting Data Flows. 616 Secure Connectivity Between Cloud, Edge, and Devices. 619 Conclusion. 622 Recommendations  Index

Reviews

Author Information

Jason Edwards, PhD, is an experienced cybersecurity leader, advisor, and educator with more than 20 years’ experience in the technology industry. He has created comprehensive cybersecurity education programs encompassing foundational knowledge, hands-on experience, and industry-aligned curriculums.

Tab Content 6

Author Website:  

Countries Available

All regions