Skip to the main content.

1 min read

Security threats in the cloud

Balancing risk and efficiency

Last month the Top Threats Working Group at the Cloud Security Alliance (CSA) released “The Treacherous 12: Cloud Computing Top Threats in 2016,” identifying and describing critical security issues facing IT leaders today.

Sponsored by Hewlett Packard Enterprise, the report serves as an up-to-date guide to help cloud users and providers make informed decisions about risk mitigation within a cloud strategy. The report points out that while the cloud service model delivers a wide range of capabilities more efficiently than ever before, there are risks that come along with that efficiency.

Although shifting to cloud technologies exclusively typically provides cost and efficiency gains, doing so requires that business-level security policies, processes and best practices are taken into account. In the absence of such standards, businesses are vulnerable to security breaches that can erase any gains made by the switch to cloud technology.

While there are many security concerns in the cloud, the report focuses on 12 specifically related to the shared, on-demand nature of cloud computing.

Among the most significant security risks associated with cloud computing is shadow IT, the tendency to for line of business leaders to bypass information technology (IT) departments and information officers when implementing certain cloud solutions.

In creating “The Treacherous 12: Cloud Computing Top Threats in 2016,” the CSA Top Threats Working Group conducted research in two primary stages.

In the first stage, the group presented 20 concerns via a series of consultations, asking working group members to indicate the importance of each concern to their organization. After considering all the survey results, the working group identified and ranked the top 12 most salient cloud security concerns from among the previously short-listed group of concerns. Approximately 270 respondents participated in the survey process and identified the following security issues in cloud computing:

  1. Data Breaches
  2. Weak Identity, Credential and Access Management
  3. Insecure APIs
  4. System and Application Vulnerabilities
  5. Account Hijacking
  6. Malicious Insiders
  7. Advanced Persistent Threats (APTs)
  8. Data Loss
  9. Insufficient Due Diligence
  10. Abuse and Nefarious Use of Cloud Services
  11. Denial of Service
  12. Shared Technology Issues

In addition to identifying the twelve threats, the repost provides high-level descriptions of corresponding steps you can take to reduce them. If you find that you are struggling with a particular cloud security issue, your Zones account executive can connect you with a Zones Cloud Solutions specialist for a consultation.

The threat research document should be utilized in conjunction with the best practices guides, “Security Guidance for Critical Areas in Cloud Computing V.3” and “Security as a Service Implementation Guidance”, available from the CSA website,

>>Learn More

>>Download Report









3 ways cloud-based communication is better than your PBX system

One of the most common reasons that businesses tackle workplace modernization projects these days is a need to improve communication among the...

Read More
Cisco ASA

Is your business ready for the future of firewalling?

It’s readily apparent that the security fortification landscape has shifted quite a bit in just the last few years. One key reason for this is that...

Read More
How digital signage can make a difference in retail environments

How digital signage can make a difference in retail environments

Among many retail businesses right now, there’s a major push to devote more resources to workplace modernization. And why is that, exactly?If your...

Read More