‘Vanilla’ cloud environments were typically not made to handle harsh environments like that of High Performance Computing (HPC) Cloud Security. Technical concerns for HPC are further complicated by the complex and ever-evolving threat landscape. As we increasingly see cases of pure HPC bare metal infrastructure interacting with the cloud such as I/O interfaces and processes, it brings along more ‘opportunities’ for malicious attacks. While this should be considered and integrated into security policies and guidelines, performance face the perilof being compromised as precious resources are carved out for security protocols and processes. The crossing of cloud and HPC environments often leads us to questions of how security in an HPC cloud environment can be implemented, enforced and ensured without the need to compromise performance. This Working Group strives to provide recommendations that can answer these questions.