Security School

Get started Bring yourself up to speed with our introductory content.

CCSP Domain 6: Cloud computing regulations and legal issues

Under the easy, breezy nature of using cloud services is a harsh truth: that just because you can doesn't mean you should (at least not without determining if that cool, new SaaS app violates international privacy laws).


While information security and compliance professionals are often portrayed as the people who say no to everything, the reality is that the "no" is actually often more of a "let's hold on a minute and think this through." This tension is only amplified by the cloud, where end users need only a credit card number and a few clicks to bypass "security says no" and immediately begin using a new application, server, storage or other platform. The dangers of this practice go well beyond the potential threat of cyberattacks and include the very real threat of violating new cloud computing regulations and legal requirements, which could result in lawsuits and significant fines.

Domain 6 of the CCSP exam, "Legal and Compliance," assesses candidates' understanding of how to approach the various legal and regulatory challenges unique to cloud environments. To achieve and maintain compliance with cloud computing regulations, it is important to understand the audit processes utilized within a cloud environment, including auditing controls, assurance issues and the specific reporting attributes. This section of the exam also covers ethical behavior and required compliance within regulatory frameworks, which includes investigative techniques for crime analysis and evidence-gathering methods. Additionally, candidates must demonstrate their mastery of enterprise risk considerations and the impact of outsourcing for design and hosting.

This Security School, based on (ISC)² CCSP training material, covers the fundamentals of Domain 6 of the CCSP exam. Once you've reviewed the parts of this Security School on cloud computing regulations, privacy issues and legal requirements, take the quiz to see how prepared you are for this portion of the exam.

CCSP® is a registered mark of (ISC)².

1Learning links-

Cloud computing regulations, laws and privacy issues

This Security School content will help you prepare for Domain 6 of the CCSP exam, "Legal and Compliance," with expert insight on some of the key topics surrounding cloud computing regulations, legal requirements and privacy concerns.


Consider international cloud security standards, legal reqs

Whether you're accessing (or operating) the cloud from Miami, Milan or Mumbai, you need to ensure those services meet regional cloud security standards and legal requirements. Continue Reading


How do SLAs factor into cloud risk management?

While you may not have much control over the infrastructure used by cloud service providers, you’re not completely at their mercy when it comes to cloud risk management. Continue Reading


Can you ace this quiz on cloud computing privacy issues?

Consumers and enterprises are increasingly concerned about data privacy -- with good reason -- and cloud computing introduces a host of new challenges. How well do you know them? Continue Reading

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.