Risk Name Probability Impact Affected Assets Factors

Print   

02 Nov 2017

Disclaimer:
This essay has been written and submitted by students and is not an example of our work. Please click this link to view samples of our professional work witten by our professional essay writers. Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of EssayCompany.

Lock-in

High

Medium

Business reputation; personal and sensitive data; service delivery

Lack of transparency; absence of standard Solutions;

Poor provider selection

High

Loss of governance

Very High

Very High

Business reputation; customer trust; personal and sensitive data;

service delivery

Unclear or ineffective roles and responsibilities; inconsistent responsibility between CSP and

tenant; lack of access by tenant to provider audits; lack of transparency; absence of standard solutions; unclear asset ownership/custodianship

High

Compliance

challenges

Very High

High

Certification

Lack of access by tenant to provider audits; absence of standard solutions; Jurisdiction where data is stored; Lack of operational information; Lack

of transparency

High

Subpoena and

e-discovery

High

Medium

Business reputation; customer trust; personal and sensitive data;

service delivery

Lack of resource isolation; data stored in multiple jurisdictions; Lack of transparency

High

Risk from changes of jurisdiction

Very High

High

Business reputation; customer trust; personal and sensitive data;

service delivery

Lack of information on jurisdictions; Data stored in multiple jurisdictions; Lack of transparency

High

Data protection risks

High

High

Business reputation; customer trust; personal and sensitive data;

service delivery

Lack of information on jurisdictions; Data stored in multiple jurisdictions; Lack of transparency

High

Loss of business reputation due to co-tenant activity

Low

High

Business reputation; customer trust; personal and sensitive data;

service delivery

Isolation failure (technology or procedural); indirect: other tenant fails in their security responsibility; Hypervisor Vulnerabilities

Medium

Cloud service termination or failure

Unknown

Very High

Business reputation; customer trust; personal and sensitive data;

service delivery

Economic conditions;

Poor provider selection;

Lack of supplier redundancy;

Lack of transparency

Medium

Supply chain failure

Low

Medium

Business reputation; customer trust; personal and sensitive data;

service delivery

lack of transparency; Poor provider selection; Lack of supplier redundancy;

Hidden dependencies on third party services

Medium

Licensing risks

Medium

Medium

Business reputation;

service delivery;

Certifications

Lack of transparency and completeness

Medium

Risk name

Probability

Impact

Affected Assets

Factors

Rate

Isolation failure

Low-

Medium

High

Business reputation; customer trust; personal and sensitive data;

service delivery

Technical vulnerabilities in hypervisors, network,

storage, or systems software; insufficient security/

penetration testing; failure to maintain physical isolation between tenants

High

Cloud provider malicious insider

Medium

Very High

Business reputation; customer trust; personal and sensitive data;

service delivery; HR data

Unclear or ineffective roles and responsibilities; insufficient technical or physical security; failure in applying need-to-know;

Application vulnerabilities or poor patch management

High

Resource exhaustion

Low/

Medium

Low/

High

Business reputation;

customer trust;

personal and sensitive data; service delivery;

Access control / authentication / authorization

Inaccurate planning; insufficient infrastructure/provisioning;

lack of supplier redundancy

Medium

Data Leakage and Interception data in transit

Medium

High

Business reputation; customer trust; personal and sensitive data;

service delivery; HR data; cloud service management interface

Technical vulnerabilities (authentication, authorization, accounting); internal (cloud) network probing; key exposure; lack of transparency

Medium

Insecure or ineffective deletion of data

Medium

Very High

Personal and sensitive data; credentials

Sensitive media sanitization

Medium

Distributed denial of service (DDoS)

Low/

medium

High/ Very High

Business reputation; customer trust; service delivery; cloud service management interface

Ingress filtering/detection insufficient; misconfiguration of network or platform controls;

systems/network vulnerabilities

Medium

Economic denial of Sustainability

Low

High

Business reputation; customer trust; service delivery

Technical vulnerabilities (authentication, authorization, accounting); lack of policies for resource capping; provisioning, de-provisioning vulnerabilities

Medium

Loss of encryption

Keys

Low

High

Business reputation; customer trust; personal and sensitive data; credentials; HR data

Poor key management procedures; failure in key generation

Medium

Compromise service engine

Low

Very High

Personal and sensitive data; service delivery; HR data

Isolation failure (technology or procedural); hypervisor Vulnerabilities

Medium

Conflicts between customer hardening procedures and cloud provider

Low

Medium

Personal and sensitive data; intellectual property

Unclear or ineffective roles and responsibilities; lack of transparency;

Medium

Risk name

Probability

Impact

Affected Assets

Factors

Rate

Network Management

Medium

VERY High

Business reputation; customer trust; personal and sensitive data;

network connections

Misconfiguration; hardware failure; systems vulnerabilities; insufficient or lack of business

continuity and disaster recovery plan

High

Network Breaks

Low

Very High

Service delivery

Misconfiguration; hardware failure; systems vulnerabilities; insufficient or lack of business

continuity and disaster recovery plan

Medium

Modifying network traffic

Low

High

Business reputation; customer trust; personal and sensitive data;

service delivery

insufficient or lack of business

continuity and disaster recovery plan ; systems vulnerabilities

Medium

Privilege escalation

Low

High

Personal and sensitive data; access control/

authentication/ authorization; service delivery; HR data

vulnerabilities (authentication, authorization, accounting); unclear or ineffective roles and responsibilities; Misconfiguration

Medium

Social engineering attacks

Medium

High

Business reputation; customer trust; personal and sensitive data;

service delivery

Lack of security training; insufficient physical security; encryption vulnerabilities

Medium

Loss or

compromise of logs

Low

Medium

Operational or security logs;forensic review

insufficient policy or procedures; vulnerabilities; unclear or ineffective roles and responsibilities; provisioning,

de-provisioning vulnerabilities

Medium

Backups lost, stolen

Low

High

Business reputation; customer trust; personal and sensitive data;

service delivery; HR data; backup data

Insufficient physical security; vulnerabilities (authentication, authorization); provisioning, de-provisioning vulnerabilities

Medium

Unauthorized access to premises

Very Low

High

Business reputation; customer trust; personal and sensitive data;

HR data; backup data

Insufficient physical security and/or procedures

Medium

Theft of computer equipment

Very Low

High

personal and sensitive data; HR data; physical

hardware

Insufficient physical security and/or procedures

Medium

Natural disasters

Very Low

High

Business reputation; customer trust; personal and sensitive data;

service delivery; HR data; backup data

insufficient or lack of business

continuity and disaster recovery plan

Medium



rev

Our Service Portfolio

jb

Want To Place An Order Quickly?

Then shoot us a message on Whatsapp, WeChat or Gmail. We are available 24/7 to assist you.

whatsapp

Do not panic, you are at the right place

jb

Visit Our essay writting help page to get all the details and guidence on availing our assiatance service.

Get 20% Discount, Now
£19 £14/ Per Page
14 days delivery time

Our writting assistance service is undoubtedly one of the most affordable writting assistance services and we have highly qualified professionls to help you with your work. So what are you waiting for, click below to order now.

Get An Instant Quote

ORDER TODAY!

Our experts are ready to assist you, call us to get a free quote or order now to get succeed in your academics writing.

Get a Free Quote Order Now