A key enabler of digital transformation for an organization is their cloud computing capabilities. Any cloud footprint transforms business, private and governmental organizations, enabling new levels of speed, agility and access. However, like any emerging technology, the cloud computing requires heightened thinking from business leaders and even traditional IT professionals, to address the evolving set of security threats spawning from Cloud computing infrastructure and its rapid adoption and use.

 To address the cloud security challenges, we propose an approach in 3 steps: assess, protect, detect & respond. To protect your cloud environments, you must first identify what is the associated risks and requirements?

The aim of cloud security assessment

The cloud environment is constantly changing and it makes it difficult to rapidly detect and respond to threats. A cloud security assessment (CSA) can help you identify and mitigate security risks in cloud computing. It covers the 11 major security threats identified by the Cloud Security Alliance:

1. Data breaches
2. Misconfiguration and Inadequate Change Control
3. Lack of Cloud Security Architecture and Strategy
4. Insufficient Identity, Credential, Access and Key Management
5. Account hijacking
6. Insider Threat
7. Insecure Interfaces and APIs
8. Weak Control Plane
9. Metastructure and Applistructure Failures
10. Limited Cloud Usage Visibility
11. Abuse and Nefarious Use of Cloud Services