CERT-SEI
CERT Insider Threat Blog

Insider Threats Related to Cloud Computing--Installment 10: Conclusion

By CERT Insider Threat Center on 10/01/2012 | Permalink

Hi, this is Bill Claycomb and Alex Nicoll with the final installment of a series on cloud-related insider threats. In this post, we present our conclusion on the current state of cloud-related insider threats and our vision for the future.

Insider threats are a persistent and increasing problem. Cloud computing services provide a resource for organizations to improve business efficiency, but also expose new possibilities for insider attacks. Fortunately, it appears that few, if any, rogue administrator attacks have been successful within cloud service providers, but insiders continue to abuse organizational trust in other ways, such as using cloud services to carry out attacks.

Organizations should be aware of vulnerabilities exposed by the use of cloud services and be mindful of the availability of cloud services to employees within the organization. The good news is that existing data protection techniques can be effective, if diligently and carefully applied.

Future research on cloud-related insider threats should focus on identifying and addressing unique vulnerabilities posed by the use of cloud computing services. Our future plans include a study of cloud-specific insider activity to identify issues related to detecting and preventing some of the incidents we’ve presented in this series of blog posts.

We caution against simply casting previous solutions to other problems in light of a cloud environment; this approach has little benefit to the community and should be avoided unless a distinct advantage can be obtained and measured. Rather, we suggest an approach grounded on solid information assurance principles and focused on finding new solutions that address real threats to cloud computing.

 

Topics: Cloud Computing , Insider Threat