infosec-news February 2011 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: Re: [ISN] Cloud services could bolster national cy

Re: [ISN] Cloud services could bolster national cyber security

From: InfoSec News <alerts_at_nospam>
Date: Fri Feb 04 2011 - 11:30:28 GMT
To: isn@infosecnews.org

Forwarded from: Richard Forno <rforno (at) infowarrior.org>
To: InfoSec News <alerts (at) infosecnews.org>
Cc: Infowarrior List <infowarrior (at) attrition.org>

Umm, yeah, okay.

What happens when you can't reach the cloud? Mission Fail.

What happens when the cloud provider drops the ball on security or other
operational requirements? Mission Fail.

What happens when you want to switch cloud providers for a better price?
Gonna be hard I bet. Just remember how many organisations didn't switch
away from Microsoft because "we spent too much on it already" and ended
up suffering through tons of more-costly infosec and operational
problems as a result. Yay, lock-in!

The IT community is so infatuated with the potential benefits of All
Things Cloud(tm) that it is losing sight of the potential, if not
probable, real risks associated with it. It willingly seeks now to lock
itself into a walled garden environment controlled by a third party that
perhaps offers greater convenience and cost-savings but at the expense
of resiliency and a greater control over its ability to function during
adversity. Yay, Cloud! (And yay, warped sense of priorities for
networks/services allegedly deemed 'critical'.)

Cyber-adveraries are salivating at what the future holds for them in
Cloud-Based America. Yay, Cloud!

Mark my words: the cloud will be uber-awesome, until it breaks or you
can't reach it.

-- rick
infowarrior.org

On Feb 3, 2011, at 02:51 , InfoSec News wrote:

> http://www.networkworld.com/news/2011/020211-cloud-services-cyber-security.html
>
> By Tim Greene
> Network World
> February 02, 2011
>
> The shift to cloud computing offers an opportunity to better secure
> the national digital infrastructure by concentrating the burden of
> cyber security among a relatively small number of service providers
> rather than thousands of individual businesses, according to a report
> by a foreign policy think tank.
>
> "Cloud computing has weaknesses, but it also offers the opportunity to
> aggregate and automate cyber defense," according to a new report by
> the Center for Strategic and International Studies. The report,
> "Cybersecurity Two Years Later," is a follow-up to "Securing
> Cyberspace for the 44th Presidency," which the group issued in 2008.
>
> "Much of the burden of security will shift from consumers and
> businesses to service providers that may be better equipped to meet
> advanced challenges," the new report says. "The move to the cloud is
> not a silver bullet that will solve all cybersecurity problems, but it
> is part of a larger move to a more mature infrastructure that includes
> the automation of security practices and monitoring -- such as the
> Security Content Automation Protocol (SCAP) -- particularly if we find
> a better way for service providers to work more effectively with
> government agencies."
>
> In the two years since the foreign-policy think tank issued its first
> report the Obama administration has fallen short of implementing
> measures that would protect the U.S. from cyber attacks, the new
> report says.
>
> [...]

___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/