Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories

API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong? API Security has been added to OWASP Top 10 2017 - RC1. This is a commendable step taken by the web application security thought leaders and is a clear indication of where the industry is heading. Security professionals have all the tools and awareness to fence in applications, databases and legacy systems through firewalls. OWASP has served the security professionals well... (more)

Cloud People: A Who's Who of Cloud Computing

Behind every cloud service or cloud-based solution, there are real people... A robust ecosystem of solutions providers has emerged around cloud computing. But who are the CEOs & CTOs behind those providers, who are the internal and external entrepreneurs driving companies involved in the Cloud, who are the leading engineers, developers, analysts, researchers, marketing professionals, authors...who, in short, are the people behind the cloud? This list will be updated weekly between now and November 4-7, 2013, when 13th Cloud Expo | Cloud Expo Silicon Valley opens its doors in the Santa Clara Convention Center, in the heart of California's Silicon Valley. Here are some highly prominent "Cloud People" to kick off with... RANDY BIAS | @randybias "Randy Bias is visionary. He sees things others don't." [Emphasis added.] That is how Mårten Mickos puts it, as succinctly as ever.... (more)

The Top 250 Players in the Cloud Computing Ecosystem

In the run-up to the next Cloud Expo, 7th Cloud Expo (November 1–4, 2010) being held at the Santa Clara Convention Center in Silicon Valley, it's time to give my earlier list a complete overhaul. Here, accordingly, is an expanded list of the most active players in the Cloud Ecosystem. I have increased it from the 'mere' 150 I identified back in January of this year, to 250, testimony – as if any were needed! – to the fierce and continuing growth of the "Elastic IT" paradigm throughout the world of enterprise computing. Editorial note: The words in quotation marks used to describe the various services and solutions in this round-up are in every case taken from the Web sites of the companies themselves. Omissions to this Top 250 list should be sent to me via Twitter ( and I will endeavor to include them in any future revision of this newly expanded rou... (more)

Cloud Computing Takes Not-for-Profits to New Heights

Not-for-profits and cloud computing seem to be made for one another. The cloud IT delivery model is well suited to not-for-profits (NFPs) for a number of reasons, according to an article on There are little to no upfront costs with cloud services and consumption is usually billed on a monthly subscription basis, allowing for predictable budgeting. There are also fewer IT staff requirements; this is ideal for NFPs who might not have the resources to hire skilled technical staff. In the specific case of server hardware, no servers need to be purchased, maintained, or recycled with a cloud service. Other tangible benefits of the cloud for NFPs include rapid deployment of services, and the convenience of being able to use the service from any location - ideal for staff and volunteers. Technology information resource for NFPs and libraries,, makes a ... (more)

Hybrid Cloud Security | @CloudExpo @Cavirin #API #SDN #AI #DX #DataCenter

According to a recent Gartner study, by 2020, it will be unlikelythat any enterprise will have a "no cloud" policy, and hybrid will be the most common use of the cloud. While the benefits of leveraging public cloud infrastructures are well understood, the desire to keep critical workloads and data on-premise in the private data center still remains. For enterprises, the hybrid cloud provides a best of both worlds solution. However, the leading factor that determines the preference to the hybrid cloud, among other things, is "security." Moreover, as the growth of the public cloud infrastructure continues, it is not hard to observe two key directions of focus by the cloud providers, namely: The geographical expansiveness of their public cloud infrastructure to grow the number of availability zones The richness of their services catalog to ensure cloud adopters are n... (more)

Hybrid Cloud - Key Benefits and Must-Have Requirements | @CloudExpo #DX #Compliance

Gartner says by 2020, a corporate "No-Cloud" Policy will be as rare as a "No-Internet" policy is today and specifically the Infrastructure as a Service (IaaS) market is projected to continue to grow more than 25 percent per year through 2019. This surge in cloud adoption also represents a huge shift in cloud spending by IT organizations, directly or indirectly affecting more than $1 trillion dollars in Cloud IT purchases by 2020, according to Gartner. Of course, not every enterprise app and data bit will move fully to the cloud. To quote yet another study - this one by North Bridge Venture Partners and GigaOM Research - many of these deployments will be hybrid in nature. For enterprises and smaller organizations alike, it's essential to build a cloud strategy that adopts public and private cloud resources, on-premise systems, containers, and more. Research confirms... (more)

1st Annual Government IT Conference & Expo: Themes & Topics

A round-up of the problems, issues and opportunities due to be discussed October 6, 2009 in Washington, DC, at SYS-CON's 1st Annual Government IT Conference & Expo (, a 1-day deep dive into the new wave of Internet-based technologies that are changing the way that Federal agencies leverage, procure and utilize IT. The event is being held at The Hyatt Regency on Capitol Hill and the distinguished GovIT Expo Speaker Faculty includes recognized government, industry, and academic leaders experienced in building and managing software applications. Three simultaneous tracks will be covering Cloud Computing, Virtualization & SOA, and Security & Compliance. Themes and topics to be covered include: Accessing Public Data via the Cloud - The Director of Cloud & Virtualization at Vertica, Omer Trajman, will be giving a session discussing how government organizations... (more)

Open vSwitch Project Launches

Last week a new Open vSwitch project was launched with little fan fare and even less insight into who is behind the project. The project aims to create a multilayer virtual switch licensed under the open source Apache 2 license. At first glance the project looks very promising as the basis for creating distributed VLan and Virtual Private Clouds (VPC). Before I go into the details of the project I will say I find it very interesting the complete lack of any insight into who is behind the project. The website doesn't include company or contact information. According to Alessandro Perilli at the project is backed by Citrix. In Perilli's post he points to a blog post written in June by Citrix CTO Simon Crosby where Crosby used his Twitter account to calls for beta testers of the “XenServer distributed virtual switch”. But I couldn't find any mention o... (more)

Cloud Expo New York to Attract More Than 8,000 Delegates

SYS-CON Events announced today that the 10th International Cloud Expo and the 1st Big Data Expo will take place June 11-14, 2012, at the Javits Center in New York City. As at every Cloud Expo, we are offering in New York a vast selection of technical and strategic breakout sessions, General Sessions, Industry Keynotes, our signature discussion "Power Panels" and a bustling Expo floor complete with two busy Demo Theaters so that as a delegate you can kick the tires of solutions and offerings, and discuss one-on-one with all the leading Cloud and Big Data players what they are offering and how to make use of it in your particular situation. Just as Cloud and Big Data solutions will be side by side on the Expo floor, so they are in the conference program. We're including below a tiny sampler of the breakouts you can look forward to...and if you look at the welter of ... (more)

Adaptivity “Platinum Plus Sponsor” of Cloud Expo

SYS-CON Events announced today that Adaptivity, the IT transformation company, has been named "Platinum Plus Sponsor" of SYS-CON's 5th International Cloud Expo (, which will take place on April 19-21, 2010, at the Jacob Javits Convention Center in New York City. Adaptivity's CEO Tony Bishop ( will be offering major thought leadership on Day Two of the 3-day event in a Morning Keynote. Read Exclusive Cloud Computing Journal Q&A with Tony Bishop here. Cloud Expo was announced on February 24, 2007, the day the term "cloud computing" was coined. That same year, the first Cloud Expo took place in New York City with 450 delegates. Next April, Cloud Expo is returning to New York City with more than 5,000 delegates and over 100 sponsors and exhibitors. The three-day event will attract more than 5,000 delegates from 48 co... (more)

Impact of the Allegations Surrounding the NSA Spying on Cloud Privacy

The latest headlines in the ongoing surveillance soap opera focus on the revelation that the U.S. has been eavesdropping directly on German Prime Minister Angela Merkel. The reaction in Germany has been strong with many officials publically condemning the surveillance. After the NSA's activity first came to light, many in Europe called for stricter protection of EU data and privacy rights. But now, Merkel is calling for stronger Internet technology in Germany, specifically to address the fact all major data centers are in the U.S. and China. It isn't clear exactly how these latest developments will further impact German and other EU countries' usage of U.S. cloud service providers. Germany already has some of the strictest data privacy regulations in the world. Known as BDSG, German regulations include restrictions on how personal information is collected, requirin... (more)