search menu icon-carat-right cmu-wordmark

Subject: Cloud Computing

Head in the Clouds

Head in the Clouds

• Insider Threat Blog
Matthew Butkovic

The transition from on-premises information systems to cloud services represents a significant, and sometimes uncomfortable, new way of working for organizations. Establishing meaningful Service Level Agreements (SLAs) and monitoring the security performance of cloud service providers are two significant challenges. This post proposes that a process- and data-driven approach would alleviate these concerns and produce high-quality SLAs that reduce risk and increase transparency....

Read More
Insider Threats Related to Cloud Computing--Installment 8: Three More Proposed Directions for Future Research in Detail

Insider Threats Related to Cloud Computing--Installment 8: Three More Proposed Directions for Future Research in Detail

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Bill Claycomb and Alex Nicoll with installment 8 of a 10-part series on cloud-related insider threats. In this post, we discuss three more areas of future research for cloud-related insider threats: identifying cloud-based indicators of insider threats, virtualization and hypervisors, and awareness and reporting....

Read More
Insider Threats Related to Cloud Computing--Installment 4: Using the Cloud to Conduct Nefarious Activity

Insider Threats Related to Cloud Computing--Installment 4: Using the Cloud to Conduct Nefarious Activity

• Insider Threat Blog
CERT Insider Threat Center

A third type of cloud-related insider is one who uses cloud services to carry out an attack on his own employer. This type of insider is similar to the previous type who targets systems or data in the cloud. In contrast, the third type of insider uses the cloud as a tool to carry out an attack on systems or data targeted, which are not necessarily associated with cloud-based systems....

Read More
Insider Threats Related to Cloud Computing--Installment 3: Insiders Who Exploit Cloud Vulnerabilities

Insider Threats Related to Cloud Computing--Installment 3: Insiders Who Exploit Cloud Vulnerabilities

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Bill Claycomb and Alex Nicoll with installment 3 of a 10-part series on cloud-related insider threats. In this post, we discuss a second type of cloud-related insider threat: those that exploit weaknesses introduced by use of the cloud. Last week we discussed the rogue administrator, one type of cloud-related insider threat. A second type of cloud-related insider threat, often overlooked by security researchers, is the insider who exploits vulnerabilities exposed by the...

Read More
Insider Threats Related to Cloud Computing--Installment 2: The Rogue Administrator

Insider Threats Related to Cloud Computing--Installment 2: The Rogue Administrator

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Bill Claycomb and Alex Nicoll with installment 2 of a 10-part series on cloud-related insider threats. In this post, we present three types of cloud-related insiders and discuss one in detail--the "rogue administrator." This insider typically steals the cloud provider's sensitive information, but can also sabotage its IT infrastructure. The insider described by this threat may be motivated financially or by revenge....

Read More
Insider Threats Related to Cloud Computing--Installment 1: Introduction

Insider Threats Related to Cloud Computing--Installment 1: Introduction

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Bill Claycomb, lead research scientist for the CERT Insider Threat Center and Alex Nicoll, technical team lead for Insider Threat Technical Solutions and Standards. Over the next few months, we will discuss, in a series of blog posts, problems related to insiders in the cloud, defending against them, and researching approaches that could help solve some of these problems....

Read More