• Home
• News
  • Business Continuity News
  • Regional news
  • Sector news
  • Events Diary
  • Newsletters
  • Newsfeed
• Jobs
• Topics
  • BC: Facilities & Buildings
  • BC: General
  • BC: Markets & Companies
  • BC: Plan Development
  • BC: Software
  • BC: Statistics
  • BC: Testing & Exercising
  • Crisis Comms & Management
  • Critical Infrastructure Protection
  • Disaster Recovery
  • Emergency Management
  • Enterprise Risk Management
  • Operational Risk Management
  • Pandemic Planning
  • PS Prep
  • Standards
  • Terrorism
• Technology
  • Cloud Computing
  • Data Center / Centre Issues
  • ICT Continuity
  • Information Security
  • Recovery Facilities
• Resources
  • Webinars
  • BC software directory
  • Newsfeed
  • Twitter
  • Advanced BC information
  • Advanced ICT information
  • Basic BC information
  • Basic ICT information
  • How to advertise
  • About us
  • Contact us
  • Privacy
• Newsletters
• Training

WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

How to implement incident reporting in cloud computing…

A new ENISA report provides advice on how to implement incident reporting in cloud computing. ‘Incident Reporting for Cloud Computing’ looks at four different cloud computing scenarios and investigates how incident reporting schemes could be set up, involving cloud providers, cloud customers, operators of critical infrastructure and government authorities.

Using surveys and interviews with experts, ENISA identified a number of key issues:

• In most EU Member States, there is no national authority to assess the criticality of cloud services.
• Cloud services are often based on other cloud services. This increases complexity and complicates incident reporting.
• Cloud customers often do not put incident reporting obligations in their cloud service contracts.

The report contains several recommendations,including:

• Voluntary reporting schemes hardly exist and legislation might be needed for operators in critical sectors to report about security incidents.
• Government authorities should address incident reporting obligations in their procurement requirements.
• Critical sector operators should address incident reporting in their contracts.
• Incident reporting schemes can provide a ‘win-win’ for providers and customers, increasing transparency and, in this way, fostering trust.
• Providers should lead the way and set up efficient and effective, voluntary reporting schemes.

Read the report.

•Date: 20th January 2014 • Europe/UK •Type: Article • Topic: Cloud computing

Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.