Skip to main content

CSA report outlines gravest cloud security threats in 2013

The Cloud Security Alliance (CSA), a non-profit industry organisation tasked with promoting awareness on cloud security, has released its updated list of the nine gravest security loopholes threatening the cloud industry in 2013.

Dubbed "The Notorious Nine", the new CSA report highlights the existing threats that pose grave danger to the on-demand, shared nature of cloud services. The report, based on an industry-wide survey, aims to assist cloud users and service providers to embrace the best practices for risk reduction.

The CSA urges users to consider the Notorious Nine in conjunction with the other CSA best practices guides, including "Security as a Service Implementation Guidance" and "Security Guidance for Critical Areas in Cloud Computing V.3".

According to the CSA report, the nine most pervasive threats to cloud security includes: data loss, data breach, insecure APIs, account hijacking, malicious insiders, denial of service, shared technology issues, abuse and nefarious use and insufficient due diligence.

"To effectively manage risks in cloud computing, it is essential for companies to understand today's and tomorrow's threats specific to the cloud, and that comes with education and proper due diligence," said J.R. Santos, global research director of the CSA.

"Companies are still not yet doing the proper due diligence, which is unfortunate and continues to be a real issue," Santos added.

Image Credit: Flickr (FutUndBeidl)