The Cloud Compromise

SCENARIO: One of your organization’s internal departments frequently uses outside cloud storage to store large amounts of data, some of which may be considered sensitive. You have recently learned that the cloud storage provider that is being used has been publicly compromised and large amounts of data have been exposed. All user passwords and data stored in the cloud provider’s infrastructure may have been compromised.
What is your response?
Discussion questions
• Does your organization have current polices that consider 3rd party cloud storage?
• Should your organization still be held accountable for the data breach?
• What actions and procedures would be different if this was a data breach on your own local area network?
• What should management do?
• What, if anything, do you tell your constituents?
o How/when would you notify them?
Processes tested: Incident response
Threat actor: External threat
Asset impacted: Cloud