A cloud security group known as The Cloud Security Alliance (CSA) recently compiled a list of what they feel are the top “nine most prevalent and serious security threats in cloud computing“, according to an article published by Information Week. The article states that this list, referenced by the group as the “Notorious Nine“, outlines threats to the cloud computing industry in 2013 which are mostly “known, but defy 100% solution.” Many times, according to this report, organizations “are establishing applications and moving data into the cloud without understanding all the security implications.”
The article indicates that this list, which was released in February, was built by a group of industry experts including Rafal Los of Hewlett Packard, Dave Shackleford of Voodoo Security, and Bryan Sullivan of Microsoft and alliance staff members Luciano Santos, research director; Evan Scoboria, webmaster; Kendall Scoboria, graphic designer; Alex Ginsburg, copywriter; and John Yeoh, the group’s research analyst. The CSA’s biggest concerns, which gave birth to this list, have been issues in past years for the entire technology industry, but seem to have accelerated as we now move quickly through 2014.
The article outlines that the alliance’s biggest concerns are Data Breaches, Data Loss, Account Or Service Traffic Hijacking, Insecure APIs, Denial Of Service, Malicious Insiders, Abuse Of Cloud Services, Insufficient Due Diligence, and Shared Technology. A quote from the alliance report, which was stated in the article, captured the general temperature of the groups concerns by saying “”Too many enterprises jump into the cloud without understanding the full scope of the undertaking…organizations are taking on unknown levels of risk in ways they may not even comprehend, but that are a far departure from their current risks.”
Read more details about the “Notorious Nine” and what these experts feel can be done to limit how they affect cloud computing and other parts of the technology industry in the future in the full article at the Information Week website.