Toward Risk Assessment as a Service in Cloud Environments

Free registration required

Executive Summary

Security and privacy assessments are considered a best practice for evaluating a system or application for potential risks and exposures. Cloud computing introduces several characteristics that challenge the effectiveness of current assessment approaches. In particular, the on-demand, automated, multi-tenant nature of cloud computing is at odds with the static, human process-oriented nature of the systems for which typical assessments were designed. This paper describes these challenges and recommends addressing them by introducing risk assessment as a service.

  • Format: PDF
  • Size: 79.69 KB