University of Twente Student Theses
Best Practices in Cloud Incident Handling
Hengst, Kimberly (2020) Best Practices in Cloud Incident Handling.
|
PDF
2MB |
| Abstract: | In the current trend of transitioning towards cloud environments, companies report issues with detecting and responding to cloud security incidents. Research has shown that organisations experience many challenges, among which are an insufficient overview of information, a lack of visibility, and an inadequate design and road map. Therefore, this research aims to determine the current best practice in cloud incident handling. Furthermore, it aims to determine to what extent this practice is sufficient in the current Dutch incident handling landscape. Based on a literature study of existing literature on cloud incident handling, 12 semi-structured interviews have been conducted with 14 participants from Computer Security Incident Response Teams (CSIRTs) of Dutch organisations. A thorough analysis of both literature and practice resulted in guidelines and recommendations. While all recommendations should be considered by organisations, the results indicate five important recommendations: (1) organisations should prepare for cloud incidents by informing themselves of the characteristics and features of the cloud environment, (2) organisations should obtain visibility into their cloud environment by implementing cloud management, (3) organisations should ensure proper cloud security, (4) all agreements, requirements, and responsibilities must be included in the Service Level Agreement (SLA), and (5) incident information should be shared as this is crucial in preventing incidents and holding Cloud Service Providers (CSPs) accountable. The presented recommendations can be used by companies to further improve their cloud incident handling strategy and contribute towards decreasing the gap between theory and practice. |
| Item Type: | Essay (Master) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Computer Science MSc (60300) |
| Link to this item: | https://purl.utwente.nl/essays/80630 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page