| Threats | Remarks |
---|---|---|
1 | Abuse and Nefarious Use of Cloud Computing - threats related to abusing cloud network and services by using Denial of Service (DoS), malicious file upload, and malware | - The authors mapped this threat to ISO 27001 compliance. We believe that this threat can also be mapped to other regulations |
2 | Insecure Interfaces and APIs | - This is not a threat, it is a vulnerability. |
3 | Malicious Insiders | - Not a threat, a vulnerability. It is not mapped to any regulation |
4 | Shared Technology Issues | - The authors mapped the threat to ISO 27000–27002 and PCI-DSS compliance. We believe that this threat can also be mapped to other regulations |
5 | Data Loss or Leakage | - The authors mapped this threat to ISO 17826 and HIPAA compliance. We believe that this threat can also be mapped to other regulations |
6 | Account or Service Hijacking | - There is no clear mapping between this threat and available regulations |
7 | Unknown Risk Profile – it includes transparency, maintenance responsibility, software version, and fixes | - The mapping between regulations and this threat is not clear. |