Robertson College / Programs / Cyber & Cloud Security
Robertson College / Programs / Cyber & Cloud Security
School of Technology

Cyber & Cloud Security Program

Providing you with the knowledge on how to keep cloud customers and organizations information secure by focusing on protecting valuable data and systems hosted in the Cloud.

"The program is designed to provide the basic principles and understanding of cyber and cloud security; it would not take more than a few months after graduating to find work." - Brian Zerr, Vice President, Cyber Security Services, SRG Security Resource Group Inc.

Get Started

Program Overview

Robertson’s Cyber and Cloud Security program was developed in consultation with the following industry experts: Privity Systems Inc. and Security Resource Group Inc. Robertson is in constant consultation with industry experts to ensure the curriculum and its delivery is relevant, timely and aligned with industry standards and best practices.

The Cyber & Cloud Security program will give you the tools to keep cloud customers and organizations information secure allowing you to provide the following to an organization:

  • Help the organization:
    • Determine data requirements (i.e. Credit Card data for PCI DSS compliance, Personally Identifiable Information for Privacy legislation compliance, Classified data, etc.) 
    • Understand which data must remain confidential
    • Understand which systems must maintain configuration and data integrity (such as financial systems, HR systems, e-commerce data, databases etc.)
    • Understand which systems and data must support availability requirements (uptime – e-commerce sites, critical infrastructure, services bound by Service Level Agreements or SLAs)
  • Identify vulnerabilities and potential breaches in data confidentiality, system and data integrity, data and system availability, and escalate appropriately
  • Provide security guidance to business users wanting to leverage cloud computing
  • Work with IT business process owners to create or maintain management procedures, daily operating procedures, and standards documentation to facilitate a uniform delivery of service
  • Help business understand the data life cycle (create, store, use, share, archive, destroy) and the related responsibilities of the data
  • Participate in the creation, implementation, and maintenance of the organization’s information/cybersecurity management program
  • Perform complex technical activities using cloud platforms (such as Microsoft 365 and Azure, Amazon Web Services, Google Cloud Platform) that improve confidentiality, integrity, and availability of data and related systems
  • Validate configurations of technologies support the objectives of the organization, maintaining security while controlling costs 
  • Work with cloud technology, such as software-defined networks, virtual machines, hypervisors, containers, container orchestration technologies, virtual firewalls, virtual intrusion detection systems, data loss prevention systems, file integrity monitoring systems, security information and event management systems, Windows, Linux

Formats Available

Online
Currently Viewing
Campus

Program Details

Quick Facts

clock

Duration:

45 weeks (11 Months)

suitcase

Practicum:

3 Weeks
Learn More

Admission Requirements

Our admissions agents can work with you to ensure you meet the program’s criteria. This program is not currently open to International Students.

Need advice? A Student Admissions Advisor is here to support you.

Contact Admissions

Career Opportunities

  • Cyber Security Specialist
  • Information Security Analyst
  • Systems Administrator

Learn more about Cyber Security job demand in Canada.

 

Next Start Dates

Online — Remote
April 12, 2021
Apply Today

New start dates are being released all the time. Contact us for more dates.

Live near a Robertson campus? This course is also delivered on-campus.
Click here to learn more.

Topics of Study

Communication - 20 hours

This course will introduce students to the concept of professional practice. Students will be introduced to professional competencies, research skills, writing, and presentation skills. Students will develop an understanding of project-management skills, and the importance of ongoing professional education and certification.

 

Professionalism - 20 hours

This course will introduce students to the concept of professional practice. Students will be introduced to professional competencies, research skills, writing, and presentation skills. Students will develop an understanding of project-management skills, and the importance of ongoing professional education and certification.

Ethics - 20 hours

This course will provide students with an introduction to professional ethics in the context of their role in cloud security. The primary focus will be the codes of ethics presented by relevant professional certification bodies such as ISC2, ISACA, and CSA STAR. Students will develop an understanding of the rationale behind these and other industry requirements as well as the legal and regulatory requirements that drive them. Students will gain an understanding of their responsibilities and accountabilities for legal, regulatory, security, privacy, governance, and policy requirements related to information management. Students will develop a solid working knowledge of professional ethics, obligations, and requirements. In addition to being an important component of industry certification exams, this foundation will enable them to behave appropriately and ensure compliance with applicable standards in the workplace and to practice good judgement throughout their careers.

Information Security Concepts - 120 hours

This course introduces students to the many topics within information security theory necessary to understand why data and systems need to be secured and ways in which that gets achieved. At a high level, the course includes content related to identifying and implementing security objectives and control types through the application of various industry best practices and frameworks. This includes meeting legal and regulatory obligations through risk management techniques and use of available compliance tools.
The course covers fundamental information security topics and methodologies that are used to ensure secure cloud environment deployments and management.

Technology Management Concepts - 120 hours

This course introduces students to fundamental IT management programs required to maintain a secure computing environment and how they similarly relate to securing the virtual systems and data in the cloud. The management program content areas cover change, configuration, encryption key, disaster recovery/ business continuity, identity and access, incident, information, logging and monitoring, patch, risk, supplier, vulnerability, and performance management, as well as content around business transition, transformation, and continuous improvement. IT project management methods will also be discussed, as well as DevOps automation process designs.

Traditional Security Technology Foundations - 20 hours

This course introduces students to the fundamental concepts associated with physical security, computer security, and software security as it relates to both traditional cybersecurity and cloud security objectives. This includes understanding data centre security requirements and safety requirements such as those outlined by the Uptime Institute (data centre tiers) and ASHRAE technical committees (thermal guidelines). Similarly, the course will facilitate an understanding of security requirements related to operating systems, computer hardware (such as CPU, RAM, and hard disk drives), virtual device components (such as binary large object storage), and related file structures. Additionally, this course introduces the student to the critical software components of business systems such as applications and databases, as well as how their usage and placements affect the systems’ security.

Networking Security Foundations - 60 hours

This course introduces students to the fundamental concepts associated with network security of both physical and virtual devices and networks. This includes reference models (such as OSI and TCP/IP), cabling and network topologies (including VLANs), device types (such as IPS/IDS systems, VPNs, DLP, load balancers, firewalls, routers, switches, VNET peering, NSGs, etc.) and testing of those devices and configurations (using network-layer vulnerability scans and penetration tests). 

Data Security Foundations - 40 hours

This course introduces students to the concept of data security and ways in which organizations’ most valuable assets can be protected. This includes concepts such as dat life-cycles and the effect this has on securing data, data classification, handling, retention, and destruction, as well as roles and responsibilities. In addition, various types of technical data protection methods will be introduced, such as anonymization, hashing, masking, obfuscation, tokenization, and digital rights management (DRM). 

IT Architecture Concepts - 40 hours

This course introduces students to IT architecture concepts required to create secure system applications. This includes reviewing formal security models (such as Bell­ LaPadula, Biba, Clark-Wilson, Brewer-Nash, Graham-Denning, etc.), as well as looking at how those theoretical models get implemented on critical technology components (like computers, operating systems, applications, networks, and databases).

Cloud Concepts - 40 hours

This course introduces students to cloud computing concepts necessary for understanding the deployment and use of common cloud technologies. This includes defining and describing cloud service models, characteristics, deployment models, and reference architectures in such a way that a student can choose the appropriate method for a new system when required. 

Critical Cloud Technologies - 60 hours

This course introduces students to other technologies critical to cloud environments that are used to facilitate the confidentiality, integrity, and availability of data in the cloud. This includes learning about virtualization, containerization, server-less implementations, and identity and access control systems. Additionally, various aspects of cryptography (such as definitions, types of ciphers, methods, symmetric and asymmetric algorithms, message integrity methods, public key infrastructure, and trusted platform modules) will be discussed from the perspective of the role they play in cloud environments. 

Business Systems Analysis Concepts - 20 hours

This course introduces students to the importance of business systems analysis and its role in developing secure systems. This includes learning how to characterize a system based on the criticality and classification of the data, as well as how to perform various typical business analysis processes such as building use cases, conducting feasibility studies, doing requirements analysis, and modeling secure solution designs.

Secure Software Development Concepts - 40 hours

This course introduces students to the concepts related to secure development of software required for maintenance of data confidentiality, integrity, and availability. This includes orienting students with different generations of development languages, as well as with techniques used to develop software securely (such as designing with failure in mind and secure recovery). Common security issues associated with software will be explored (such as those identified by OWASP), as well as how one goes about testing applications to confirm that they are secure (i.e. DAST/SAST, synthetic, transactions, and misuse cases). 

System Evaluation Methods - 20 hours

This course will introduce students to common system evaluation techniques used to either determine or confirm that they way in which data is being processed on the system is conducted securely. This includes learning about how systems are scoped for the purpose of assessments (including choosing appropriate test profiles). What is the value of an internal self-assessment, and the role of external assessors or auditors. 

Microsoft Azure - 80 hours

This course provides students with Azure foundations, starting with  working  within the Azure portal and being introduced to common tools used in the Azure environment. Students will learn how to manage different Azure cloud services such as storage, security, networking, and compute cloud capabilities, and get hands-on experience creating virtual machines and virtual networks. The course will also focus on subscription and resource management required for tracking and estimating service usage and related costs, as well as identity management through which students will learn how to grant appropriate access to Azure AD users, groups, and services using role-based access control (RBAC).

Amazon Web Services - 80 hours

This course provides students with AWS Solutions Architect foundational  concepts that will allow them to learn how to design available, cost-efficient, fault-tolerant, and scalable distributed systems on AWS.

Students will learn how to architect and deploy secure and robust applications on AWS technologies, define solutions using architectural design principles based on customer requirements, and provide implementation guidance as necessary. The course will similarly yield an understanding of security features and tools that AWS provides and how they relate to traditional services.

Career Preparation - 40 hours

This course introduces students to career preparation strategies. Students will be introduced to job search strategies, interviews and other career management strategies.

Online Learning

Flexible Learning 
Have the flexibility to live your life while going to school. Our flexible start dates and small class sizes give you plenty of opportunities to learn when it’s best for you and gain the hands-on skills to succeed in any industry.

Industry-Leading Instructors
Learn from industry professionals who bring real-life experience into the classroom. You can book office hours or get virtual support from your instructors through Brightspace, where you can schedule video appointments and use instant messenger to ask questions.

Lifelong Career Services
Connect with a career specialist in your field who will help you find a meaningful place to start your career. As a graduate, you’ll have lifelong access to student services that will help you with resume building, interview preparation and networking.

How It Works

Getting Started

Our flexible start dates give you plenty of opportunities to plan for school and live your life around it.

Taking the Course

All Robertson Online courses are hosted on Brightspace, an online platform designed to give you everything you need to succeed in remote learning.

Entering the Workforce

Our programs set you up to adapt to industry changes and thrive in our modern digital workforce.

Visit the How It Works page to learn more about our online student experience. To learn more about how Brightspace gives you everything you need to succeed in your online courses, click here.

Financial Assistance & Funding

Robertson offers a variety of financial aid opportunities to ease students’ stress and allow them to focus on their studies. If you need extra support, we have flexible funding to accommodate all our students, no matter their financial situation. Our dedicated Financial Aid Officers will help you every step of the way.

Questions about tuition & financial assistance?

Contact Admissions

Practicum

The practicum is an essential part of a student’s program. It is not merely a graduation requirement; it is an extension of the in-class learning. The practicum asks you to apply the skills, theories, and concepts that you learned in your classes in an entry-level work experience situation.

Practicum must begin and end within the dates outlined in your program schedule and enrolment contract. Practicum is a full-time, unpaid commitment and is presently available in 2 formats:

  • A self-procured practicum
  • A practical project

Industry Attestations

The following includes cyber and cloud security industry attestations that have given us the permission to use their names, role and organizations on our website. They have also given us permission to use excerpts from the feedback they provided previously on our program on our website.

 

Government of Canada

“The curriculum covers all subjects and competencies very well.” 

– John Adeyefa, Cyber and Cloud Security Consultant, Government of Canada

 

SRG Security Resource Group Inc.

The Curriculum provides a broad overview of the concepts and practical applications required for an entry level cyber security analyst. I appreciate the inclusion of some of the softer skills within the program as these are critical in leading to long term success within the Cyber Security industry. I believe there are 2 type of Information security professionals – technical and the governance focused. Where most students will enter the field focused and energized by the technical aspect, as the industry matures and there is a need for those in the governance (soft skills) that will also make a tremendous impact.

 This program would prepare the graduate for entry level work, such as:

  • SOC Junior Analyst
  • Call centre Analyst
  • (junior) Security Analyst / consultant
  • and not completely within the cyber Security area:
  • Business Analyst

 

The program provides the graduate with a solid foundation and hands-on experience that are in demand in today’s global market.”

– Bjorn Gudehus, Service Delivery Manager, MSS On-Boarding and Project Services, SRG Security Resource Group Inc.

 

As the person who makes the hiring decisions for SRG and the SRG Cyber Security Division, I would hire a graduate from this program. The materials are easy to grasp and based on industry standards already in place. The curriculum provides all basics one would need (to work as a cyber security analyst). The program is designed to provide the basic principles and understanding of cyber and cloud security; it would not take more than a few months after graduating to find work.”

– Brian Zerr, Vice President, Cyber Security Services, SRG Security Resource Group Inc.

 

Program Development Partners

 

Privity Systems Inc.

Privity Systems Inc. has well over a decade of experience in the IT security field and has extensive experience working in the cloud security arena with a specific focus on regulatory compliance. As a Payment Card Industry (PCI) Qualified Security Assessor (QSA) company, Privity has been helping companies secure their IT assets and credit card processing environments in the cloud, and has been formally attesting to the accuracy of PCI Data Security Standard (PCI DSS) security audits to regulators.

Shawn Chaput, is also one of the co-founders of the Cloud Security Alliance and the author of the section on “Compliance” in their original 2008 guidance document. A participating committee member of several working groups related to information security at the Canadian Standards Association, Shawn is a recognized expert of ISO as related to ISO/IEC 27000 series best practices. In addition to more than 20 years of IT experience, Shawn has an MBA in Management of Technology and holds more than 30 certifications from different vendors and organizations, including CIA, CRMA, CISSP, CCSP, QSA and several Azure, M365, and AWS technical certifications.

Katarina Ringwood, an expert on risk management, privacy, and business strategy, is Privity’s other co-owner and co-author of a cloud compliance chapter of Springer Publishing’s 2010 book “Cloud Computing: Principles, Systems & Applications”. In addition to being a past participant of Cloud Security Alliance’s Group 2 which provided guidance for critical areas of focus in cloud computing, Katarina has been a member of various special interest groups responsible for developing supporting documentation on topics that included scoping, encryption, tokenization, and virtualization.  An Executive MBA graduate, Katarina holds several professional certifications that demonstrate her expertise and knowledge, such as Certified Information Security Manager (CISM®), Certified Information Privacy Professional Canada (CIPP/C®), and Certified in Risk and Information Systems Control (CRISC®).
 
 

SRG Security Resource Group Inc., Cyber Security Service

Tillman Hodgson serves as Operations Manager, Managed Security Services (MSS) for SRG Security Resource Group Inc., Cyber Security Service. He is an information security professional with 21 years of enterprise Unix/Linux, network and management experience with a 20 year focus on information security. Senior-level IT security professional with a proven record of cost-effective security and privacy management through accurate threat assessment, effective security controls and performance metrics, and the alignment of security posture to business objectives. Tracy is an analytical and experienced ISMS auditor who specializes in assessing administrative and technical controls for effectiveness and compliance to a variety of frameworks and legal and regulatory body requirements.

Tracy Hodgson serves as SO Certified Lead Auditor for SRG Security Resource Group Inc., Cyber Security Service. She offers 22 years of risk management experience in various industries and applies that skillset to great effect in security assessments, gap analysis, policy development, and audits. She is the holder of Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA) refers to a designation issued by the Information Systems Audit and Control Association (ISACA).

Let's Get Started

Fill out the form below and one of our Student Admissions Advisors will get in touch with you to guide you through enrolling for this program and answer any questions you have.

Speak with admissions
1 (855) 333-9319
Request Info