As businesses are developing rapidly, and IT infrastructures constantly diversified, a single public / private cloud or traditional on-premises datacenter is no longer able to meet service requirements in terms of costs, performance, scalability, security, and compatibility. Users are increasingly choosing hybrid clouds to meet their needs. Hybrid clouds take advantage of various clouds and traditional IT infrastructures and work systematically to benefit the users based on their service requirements. However, there are different security risks the hybrid clouds pose, bringing on challenges to security protection. This initiative aims to identify hybrid cloud security risks and countermeasures, helping users identify and reduce risk. Besides this, the working group also intends to provide suggestions on hybrid cloud governance, hybrid cloud threat profiles and hybrid cloud security evaluation, guiding both users and cloud service providers to choose and provide secure hybrid cloud solutions, and promoting security planning and implementation.