Forwarded from: Richard Forno <rforno (at) infowarrior.org> To: InfoSec News <alerts (at) infosecnews.org> Cc: Infowarrior List <infowarrior (at) attrition.org> Umm, yeah, okay. What happens when you can't reach the cloud? Mission Fail. What happens when the cloud provider drops the ball on security or other operational requirements? Mission Fail. What happens when you want to switch cloud providers for a better price? Gonna be hard I bet. Just remember how many organisations didn't switch away from Microsoft because "we spent too much on it already" and ended up suffering through tons of more-costly infosec and operational problems as a result. Yay, lock-in! The IT community is so infatuated with the potential benefits of All Things Cloud(tm) that it is losing sight of the potential, if not probable, real risks associated with it. It willingly seeks now to lock itself into a walled garden environment controlled by a third party that perhaps offers greater convenience and cost-savings but at the expense of resiliency and a greater control over its ability to function during adversity. Yay, Cloud! (And yay, warped sense of priorities for networks/services allegedly deemed 'critical'.) Cyber-adveraries are salivating at what the future holds for them in Cloud-Based America. Yay, Cloud! Mark my words: the cloud will be uber-awesome, until it breaks or you can't reach it. -- rick infowarrior.org On Feb 3, 2011, at 02:51 , InfoSec News wrote: > http://www.networkworld.com/news/2011/020211-cloud-services-cyber-security.html > > By Tim Greene > Network World > February 02, 2011 > > The shift to cloud computing offers an opportunity to better secure > the national digital infrastructure by concentrating the burden of > cyber security among a relatively small number of service providers > rather than thousands of individual businesses, according to a report > by a foreign policy think tank. > > "Cloud computing has weaknesses, but it also offers the opportunity to > aggregate and automate cyber defense," according to a new report by > the Center for Strategic and International Studies. The report, > "Cybersecurity Two Years Later," is a follow-up to "Securing > Cyberspace for the 44th Presidency," which the group issued in 2008. > > "Much of the burden of security will shift from consumers and > businesses to service providers that may be better equipped to meet > advanced challenges," the new report says. "The move to the cloud is > not a silver bullet that will solve all cybersecurity problems, but it > is part of a larger move to a more mature infrastructure that includes > the automation of security practices and monitoring -- such as the > Security Content Automation Protocol (SCAP) -- particularly if we find > a better way for service providers to work more effectively with > government agencies." > > In the two years since the foreign-policy think tank issued its first > report the Obama administration has fallen short of implementing > measures that would protect the U.S. from cyber attacks, the new > report says. > > [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Fri Feb 04 2011 - 03:30:28 PST
This archive was generated by hypermail 2.2.0 : Fri Feb 04 2011 - 03:38:53 PST