- Cloud Cloud Risks and the Security Community
Most cloud security risks apply to IT in general and either have mitigations or have been accepted. InfoSec's role should be active participation in technical innovation, balancing risk with cost—not...
- Cloud Top 10 Cloud Security Risks
Ten cloud-specific risks: lack of risk management framework, infrastructure sharing compromises, inconsistent controls in changing environments, loss of direct control, hypervisor exploitation,...
- Cloud Security Risks to Consider When Adopting Cloud Services
Cloud risks stem from three characteristics: agility (rapidly-changing environments make consistent controls hard), sharing (compromise to one component affects neighbors), and outsourcing (loss of...
- Cloud Getting Started with Cloud Security and Risks - Favorite Frameworks
Key cloud security frameworks: NIST defines cloud computing terminology (SaaS/PaaS/IaaS, deployment models), Cloud Security Alliance provides comprehensive security guidance across governance and...
- Malware What Is Cloud Anti-Virus and How Does It Work?
Cloud anti-virus uses lightweight endpoint agents that offload analysis to provider infrastructure—less system strain, smaller attack surface. Agents submit file metadata (hashes, behavior, origin)...
- Cloud Cloud Security Attestation Beyond SAS 70
SAS 70 was designed for financial systems, not security certification—it only confirms controls the provider paid auditors to evaluate. Better options include SysTrust (prescriptive control set), ISO...