8: Insufficient due diligence
The rush to the cloud for cost reductions or efficiencies can sometimes result in a lack of operational responsibilities, said Low. One good example is incident response. You don’t know what to do after the attack and that is important because you need to contain the damage and restore services as soon as possible. Those responses need to be clearly specified with your vendors and top service providers. Forensics is important because we want to save your systems and know who did it,” he said.
7: Abuse of cloud services
The use of cloud services to launch distributed denial of service (DDoS) attacks, malware or distribute pirate software has become prevalent according to Low.It is very important that we invest in advanced tracking tools to identify attacks that are highly evasive. Attackers will study you over a long period of time to understand the loopholes in the system.