written 6.2 years ago by |
Cloud computing is recognized as the most promising computing paradigm of the last several years . Actually, a lot of Cloud computing models have arisen, each one offering different characteristics or services, at different degrees of flexibility and involving distinct risks.
Given the fact that Cloud computing encompasses new technologies such as virtualization, there are both new risks to be determined and old risks to be re-evaluated. According to the risk management standard of the Institute of Risk Management (IRM) a risk can be defined as 2 the combination of the probability of an event and its consequences In general, in all types of businesses there are events which represent opportunities for benefit or threats to success, i.e. positive and negative aspects of risks, respectively.
Thus, and in contrast to traditional risk avoidance strategies, accepting some risks leads to obtain remarkable benefits.
The Risk Management is the process whereby organizations treat, in a methodical way, risks related with their activities. The main goal is to obtain benefits and sustainable values within each activity and across all of them.
Actually, it is a fundamental part of any organization’s strategic management. Entering in detail in its core sub process, i.e. risk assessment, there are three primary methods according to: qualitative, which uses simple calculations and thus it is not needed to determine the numerical value of all assets at risk and threat frequencies; quantitative, which assigns numerical values to both impact and likelihood of risks; semi-quantitative (or hybrid), which is less numerically intensive than quantitative methods and classifies (prioritizes) risks according to consequences and foreseen probabilities.
Risk management in cloud involves the following tasks
• risk identification
• risk analysis and evaluation
• selection of counter measures
• deployment of suitable counter measures
• continuous monitoring to assess effectiveness of the solution