Overview of Risks, Threats, and Vulnerabilities Faced in Moving to the Cloud
• Technical Report
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2019-TR-004DOI (Digital Object Identifier)
10.1184/R1/12363569.v2Topic or Tag
Abstract
As organizations develop new applications in or migrate existing applications to cloud services, they face changes in securing their information and applications. This report examines the changes to risks, threats, and vulnerabilities when applications are deployed to cloud services. Five cloud-unique threats and risks are identified along with seven threats and risks that exist on-premises and in cloud computing. For each of these threats and risks, recommendations are made for managing and mitigating the threats and risks when using cloud services.
In October 2020, this report was updated to
- add information about containers and orchestration
- update risk #5 Incomplete Data Deletion
- add new risk #13 Risks Transfer Between CSP and Customers
Cite This Technical Report
Morrow, T., Pender, K., Lee, C., & Faatz, D. (2019, July 11). Overview of Risks, Threats, and Vulnerabilities Faced in Moving to the Cloud. (Technical Report CMU/SEI-2019-TR-004). Retrieved December 26, 2024, from https://doi.org/10.1184/R1/12363569.v2.
@techreport{morrow_2019,
author={Morrow, Timothy and Pender, Kelwyn and Lee, Carrie and Faatz, Donald},
title={Overview of Risks, Threats, and Vulnerabilities Faced in Moving to the Cloud},
month={{Jul},
year={{2019},
number={{CMU/SEI-2019-TR-004},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/12363569.v2},
note={Accessed: 2024-Dec-26}
}
Morrow, Timothy, Kelwyn Pender, Carrie Lee, and Donald Faatz. "Overview of Risks, Threats, and Vulnerabilities Faced in Moving to the Cloud." (CMU/SEI-2019-TR-004). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, July 11, 2019. https://doi.org/10.1184/R1/12363569.v2.
T. Morrow, K. Pender, C. Lee, and D. Faatz, "Overview of Risks, Threats, and Vulnerabilities Faced in Moving to the Cloud," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2019-TR-004, 11-Jul-2019 [Online]. Available: https://doi.org/10.1184/R1/12363569.v2. [Accessed: 26-Dec-2024].
Morrow, Timothy, Kelwyn Pender, Carrie Lee, and Donald Faatz. "Overview of Risks, Threats, and Vulnerabilities Faced in Moving to the Cloud." (Technical Report CMU/SEI-2019-TR-004). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 11 Jul. 2019. https://doi.org/10.1184/R1/12363569.v2. Accessed 26 Dec. 2024.
Morrow, Timothy; Pender, Kelwyn; Lee, Carrie; & Faatz, Donald. Overview of Risks, Threats, and Vulnerabilities Faced in Moving to the Cloud. CMU/SEI-2019-TR-004. Software Engineering Institute. 2019. https://doi.org/10.1184/R1/12363569.v2