Publications

File Cloud Computing: Benefits, risks and recommendations for information security
Rev.B – December 2012 -x- Since the publication of the 2009 Cloud Risk Assessment study, the perception of Cloud computing has changed, and so has the perception of the associated risks. However, the 2009 Cloud Risk Assessment continues to be one of the most downloaded documents on the ENISA website. It is therefore worthwhile to revise the document in general, but especially have a new look at the risks and try to re-assess them, taking the developments of the last three years into account. This document is the result of a first review round carried out by ENISA with the assistance of external experts.
File Critical Cloud Computing
Public and private sector organisations are switching to cloud computing and single cloud service providers sometimes provide services for millions of users and a range of organizations and businesses. This means that also from a CIIP perspective cloud computing becomes relevant. In this paper we look at key risks for cloud computing services from a CIIP perspective. We look at data about the usage and uptake of cloud computing and we analyse some scenarios. We conclude with recommendations for government bodies, like regulators and contingency agencies, about addressing the risks of cloud computing.