CSA Official Press Release
Published 02/25/2013
Cloud Security Alliance Warns Providers of ‘The Notorious Nine’ Cloud Computing Top Threats in 2013
Organizations Must Make Educated Risk-Management Decisions Regarding Cloud Adoption Strategies
RSA CONFERENCE – San Francisco, CA – February 25, 2013 – The Cloud Security Alliance (CSA) Top Threats Working Group today released The Notorious Nine: Cloud Computing Top Threats in 2013, a revised report aimed to provide organizations with up-to-date, expert-informed understanding of cloud security threats in order to make educated risk-management decisions regarding cloud adoption strategies. While there are many risks associated with the cloud in general, this report focuses on threats specifically related to the shared, on-demand nature of cloud computing. With descriptions and analyses, the report serves as an up-to-date threat identification guide that will help cloud users and providers make informed decisions about risk mitigation within a cloud strategy. “To effectively manage risks in cloud computing, it is essential for companies to understand today’s and tomorrow’s threats specific to the cloud, and that comes with education and proper due diligence,” said J.R. Santos, Global Research Director of the CSA. “Companies are still not yet doing the proper due diligence, which is unfortunate and continues to be a real issue. We hope this report brings increased awareness to help companies make informed decisions to mitigate risks within their cloud adoption strategy.” To identify the top threats, CSA conducted a survey of industry experts, to compile professional opinion on the greatest issues within cloud computing. The Top Threats Working Group used these survey results alongside their expertise to craft the final The Notorious Nine: Cloud Computing Top Threats in 2013. The survey methodology validated that the threat listing reflects the most current concerns of the industry. In this most recent edition of this report, experts identified the following nine critical threats to cloud security:- Data Breaches
- Data Loss
- Account Hijacking
- Insecure APIs
- Denial of Service
- Malicious Insiders
- Abuse and Nefarious Use
- Insufficient Due Diligence
- Shared Technology Issues
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.
For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.