Democracy and Capitalism Essay - 1719 Words

Democracy and Capitalism Those who live in America enjoy freedom because America is a democratic nation in which the people hold the power. Is this statement truly a reality? One must consider the fact the United States is also a capitalist society and this has changed the face of democracy. Can we honestly say that the citizens of the United States hold the power when we consider the actual state of the political system? Upon closer examination, it appears that the majority of decisions made in this country are based in the interest of capitalism. From corporate funding for political candidates to the monopoly of ourinformation systems, the current political system in America is deeply rooted in capitalism which has taken†¦show more content†¦19). Presently, the political arena is one where the influence of capitalism is apparent because money seems to be a driving force behind the scene. If we lived in a democracy, running for president would be open to everyone, not just to those who can afford to spend millions on their campaigns. This need for money to gain an edge as a candidate demonstrates the connection between government and business. Candidates need financial backing from companies, creating a situation in which candidates feel obligatedto makesure they do everything in their power to meet the needs of the companies. This political to corporate connection puts power in the hands of those who financially support the candidate, not to those who vote for the candidate. There is a common understanding that a strong connection exists between mass communication and democracy (ONeil, 1999, p. 1). The connection is that for a democracy to function there must be open access to information. Without the existence of alternative viewpoints people would not be able to make informed decisions, therefore, it couldnt be considered a real democracy. In America we are given the right to freedom of the press, which is supposed to insure that we will have access to several viewpoints. In a society where capitalism and corporationsShow MoreRelatedDemocracy : The Causes Of Capitalism And Democracy1167 Words   |  5 PagesThe question of whether democracies create capitalism, or the other way around, I think is too simple and ignores the circumstances in which both are initially created. Historically, it was changes in the economic system and in structures of society, without appropriate simultaneous shifts in the government structure, that created enough ten sion within societies to warrant a complete reconstruction of governmental institutions. I tend to think that democracy does not have the potential to reallyRead MoreCapitalism vs Democracy2344 Words   |  10 PagesCapitalism and Democracy The political system and the economic system of the United States have been intertwined since the very founding of our country. Although there are many different views on how well the systems work or how they function, this has been a common thought shared by all different sides. Some have an optimistic view of capitalism, while others feel as though capitalism favors too few people. Two major points of view, the conservative and the â€Å"reform† liberal, describe how capitalismRead MoreCommunism, Democracy, And Capitalism3017 Words   |  13 Pages communism was battling with democracy. It was one of the most emotionally charged war, and time, in American, and possible the globes history. There was great fear of a global nuclear conflict, that would leave thousands dead, and essentially ending the world as we had ever know it. I will cover the history that is the cold war, and delve into the philosophies of the two main nations involved. I will be comparing the ideas behin d communism, democracy, and capitalism. When World War II ended itRead MoreThe Relationship Between Capitalism And Democracy2286 Words   |  10 PagesThe relationship between capitalism and democracy has been defined by many as fundamental complementary ideologies, and social scientists have discovered an undeniable link between the two structures with some suggesting that â€Å"where either capitalism or democracy flourishes, the other must soon follow† (Reich, 2007). Currently, the main form of modern democracy is polyarchal democracy which originated from the Greek word polyarkhe, meaning ‘many rule’. This infers that multiple people within a governmentRead MoreMedia And Society : Technology, Democracy And Capitalism1747 Words   |  7 Pages University of Maryland; Bettina Fabos, University of Northern Iowa and Julie Frechette, Worcester State University. It serves as an analysis of the perpetual relationship between media and society through three key concepts: technology, democracy and capital ism. These themes are connected throughout the entire book, but more than anything, Media in Society focuses on storytelling. As it targets a diverse audience, it does an excellent job exploring different stories the mass media tells and theRead MoreWorkforce Education : The Nexus Between Capitalism And Democracy780 Words   |  4 PagesEducation: the Nexus between Capitalism and Democracy. She discusses how democracy and capitalism are at odds on the subject. Her article surmises key players in the debate including Thurow, Prosser and Dewey. While summarizing the varying views, she concludes that democracy and capitalism have managed to survive and even flourish together for many years and that human capital is a key component in both views. Summary Wendy Gilpin believes that capitalism and democracy appear to be the aspirationRead More Unregulated Capitalism Undermines the Legitimacy of Liberal Democracy2355 Words   |  10 Pagesgood is questionable. Since the resurgence of unregulated capitalism in the late 20th century, social inequalities have grown significantly, with one percent of the most powerful countries attaining more wealth than half the world (Dunklin 2). Canada’s income gap has also risen, exacerbating morbidity and mortality (Bryant 47). However, the extent that government should reduce social inequities is controversial in a liberal democracy, which prioritizes economic freedom. That being said, socialRead MoreDoes Size And Growth Of These Two Nations Have Any Relation? Capitalism And Democracy?2381 Words   |  10 Pagesnations have any relation to capitalism and democracy? Democracy and Economic Growth: Is democracy excellent for the economic growth? Democracy is a multifaceted concept, a political structure based ahead the right of citizens to take part in political decision making during representation; whereby simply laws essential to continuing democratic procedures are compulsory standard to terming a state democratic. The free marketplace represents a superlative model of capitalism, since it denotes the mostRead MoreThe changing of Democracy Essay1124 Words   |  5 Pagescultures have evolved, the ideas of government and democracy have evolved as well. The economic and cultural status of a time period affects how people perceive their government. Living in a capitalist nation does not necessarily mean that democracy is non-existent. However, it does not mean that democracy in the nation has been fully formed and developed. The capitalist economy is altering the beliefs of what it means to be a democratic nation. Democracy gives power to the people. However, culturalRead MoreCapitalism: A Love Story Essay1063 Words   |  5 Pagespromotes capitalism enables businesses to gain wealth at the expense of the consumer’s wealth. Ultimately this becomes a question of morality as these corporations reap the money from hardworking citizens for the purpose of greed and exploitation of the free market economy. In the film, Capitalism: A love story, the film makers use conventions and point of view to show that capitalism in America is an evil that is better replaced by democracy. Michael Moore warns everyone that promoting capitalism will

Keyword Blackjack Free Online Game Essay - 1002 Words

Keyword: Blackjack Free Online Game Get the latest list of sites that offer blackjack free online game along with sensible reasons for playing online. Practice Your Blackjack Free Online Game What is Blackjack? Blackjack is an exciting online casino game enjoyed by most players across the globe. In the game, the players make an attempt to specific cards in order to make their score reach a total face value of 21 points or more. Blackjack attracts skilled people. This is considered to be one of the most popular games across the globe. Nothing is quiet clear about inception and invention of this game. Many games have been developed on the basis of blackjack. One such example includes the game of Baccarat. Blackjack has much number of variants. Practicing Blackjack Before you begin practicing blackjack, it is important for you to get yourself acquainted with the rules that need to be adhered to throughout the game. Basic rules of blackjack are given as under: Blackjack is all about beating the opponent with maximum score. The opponent here in most cases is the dealer. The game starts with allotment of cards by the dealer. He allots two face up cards to each player and once he is done distributing the face up cards to all the players, he will allot himself two cards. One out of which will be a face up card and other will be a face down card. The face down card is known as Hole card. You hit a blackjack is you get an ace along with 10 on the other card. Then there isShow MoreRelatedOnline Games Vs. Free Computer Games1051 Words   |  5 PagesKeyword: Free Computer Games Discover best Free Computer Games Discover best Free Computer Games supported by various gaming softwares developed by top gaming solutions companies. Free Computer Games for Gambling Online Free computer games are pretty popular amongst digital gaming enthusiasts across the world. These games are supported by almost all the top gaming solutions companies. Read on to find out which gaming solutions company supports best computer games for free. Free Computer Games by

IT Risk Assessment Report for Aztek

Question: Discuss about the Case Study for IT Risk Assessment Report for Aztek. Answer: Introduction The report will discuss the topic Migrating business-critical applications and their associated data sources to an external cloud hosting solution. Purpose: The purpose of this IT risk assessment report is to evaluate the adequacy of Aztek project related to using an external cloud service solution for deploying their data and business critical applications. The risk assessment will provide a detailed evaluation of this operational environment. The report will address the following aspects in relation IT risks and control measures and provide analysis and discussions: Review of the financial services sector in relation to this project. Some of the best practices and government or industry regulation and compliance are explored. Discuss the security posture of the project in terms of current IT security procedures. An evaluation of risk based on threats, vulnerabilities and consequences obtained from an IT control framework in relation to the chosen project. Assessment of risks related to data security. Scope: The risk assessment will address the risks related to using an external cloud hosting provider for migration of business applications and databases. The usage of the system and its resources must be planned prior to implementation to protect data and applications from possible vulnerabilities, threats (internal and external) and other attack problems. This is important because if the data and vulnerabilities are not addressed, then Aztek will face negative business impact such as, Unauthorized access to data and applications (Zissis Likkas, 2012) Unauthorized modification of information and systems Services and access denied to authorized users Business critical data and applications are lost Due to the over dependency on IT systems and networks by Aztek, and its strategic initiatives on business expansion plans, the management decides to deploy their data and applications in a cloud service. Cloud services offer immense benefits in terms of IT management and efficiency, at the same time they have their own set of risks and problems. The report will explore existing best practices related to security safeguards with the aim of supporting the management in deciding on security related initiatives for Aztek. A brief review of cloud migration by financial services sector and best practices In recent years cloud computing has grown significantly due to its cost efficiencies and an attractive alternative to in-house IT infrastructure (Khajeh-Hosseini, Greenwood, Sommerville, 2010). At an operational level using cloud service in the organization will improve innovation by freeing up resources internally and helps the company to focus on core business activities (Garrison, Kim, Wakefield, 2012). Further, clouds are interoperable, offer collaboration and also provide immense potential for financial services to enhance their customer relationships at high levels. These benefits influenced the management in Aztek to migrate their applications and data sources to the cloud (Stamford, 2012). In spite of all the benefits, cloud services are vulnerable to IT risks (Shaikh Haider, 2011). Aztek prior to migrating all their data sources and applications to the cloud must deeply assess IT and cloud-related security aspects such as threats, confidentiality, data integrity, auditability and other compliance aspects. Therefore it becomes highly essential for Aztek to clearly understand the risks in cloud migration and must define necessary controls to protect all information assets before business critical data sources are deployed on the cloud (Heiser Nicolett, 2008). In cloud computing security, privacy issues and legal matters are widely acknowledged. Most of the security and privacy issues are usually due to users lack of control over the physical infrastructure (Subhashini Kavitha, 2011). Since most of these issues are not directly related to cloud, security issues arise due to web browsers and web services on the internet. Since cloud computing systems make use of world- wide-web for its services, security threats are a significant aspect in cloud migrations (Jensen, Schwenk, Gruschka, Iacono, 2009). The presence of technology on the internet and huge repositories of data are always an attractive target for hackers (Mondal Sarddar, 2015). This is important for Aztek because once data is migrated it can be a target, however, cloud security measures are provided by the cloud service provider. In addition to this data is stored in multiple locations (data centers), this can limit the damage caused by attacks on the web. Therefore, it is important to note that Aztek may not focus on having an internal IT department to manage their security for data and applications but at the same time, ensure adequate agreements are in place for securing their data in the cloud (Biswas, 2011). Cloud Security Alliance (CSA) which is an industrial group founded by big cloud vendors is formed to develop security best practices and guidelines for companies adopting cloud computing services for their operations. The guidelines provide directions for consumers (Aztek) to consider security related problems and issues that must be considered during migration. The guidelines are written for a wide range of areas such as encryption, portability, interoperability and risk management (CSA, 2009). In addition to CSA, the European Network and Information Security Agency (ENISA) published a report to highlight the security issues normally found in cloud computing (Catteddu Hogben, 2009). According to ENISA security issues can be categorized into, Issues related to policy and organizational matters, compliance challenges, vendor lock-in (Kshetri, 2013) and so on. Risks from technology such as data leakage, loss of encryption keys, denial of services to authorized users, authentication procedures, etc. (Kulkarni, et al. 2012). Legal risks in cloud migration mostly relate to data protection and software licensing matters (So, 2011). In addition to the above, there are risks due to hardware failure, natural calamities like earthquakes, floods, etc. In spite of this risk categorization it must be understood that security in the cloud is much easier to implement because data protection, privacy, and availability are handled by the cloud provider (James, 2010) and can be further strengthened by defining service level agreements. Looking into the above aspects, Aztek can consider cloud deployment of their data and applications because of the fact cloud offers an advantage compared to developing an in-house security system (Armbrust, et al., 2009). Exploring the cloud migration adoption trends in the finance sector, it can be found that many financial organizations look for infrastructure and software services on the cloud (Garg, Versteeg, Buyya, 2013). This is because financial services cater to a range of users and services to include mobile applications, retail banking systems, online transactions, credit risk analysis solutions and high-performance computing. Further, since cloud infrastructures are developed based on industry best practice such as ITIL, COBIT, CMMI, etc., the aspect of compliance are also handled by the cloud service (Shen, et al. 2013). However, financial organizations such as Aztek must carry out a standard risk analysis to ensure their data and applications are secured in cloud-based services. Every country has its own set of compliance and security requirements and frameworks when it comes to user privacy, confidentiality, and integrity (Barlow, 2016). In the case of Australia, the following guidance, strategies, policies and standards (Policy, 2014) are available: Australian government data center strategy 2010-2015 which aims to improve data center facilities Australian government big data strategy for better service delivery Cloud computing regulatory stock take Cloud security considerations Guide to implementing cloud services Negotiating the cloud, legal issues in cloud computing agreements Records management in cloud Australian government standards by the Joint Technical Committee The above regulations, guidance, and policies must be evaluated by Aztek before deploying their data and applications with the cloud provider. Assessment of current security posture and mitigation actions In the current scenario, the number of attacks and threats against both private and public organization are rising and at the same time becoming more sophisticated and complex (Tankard, 2011). In order to deal with these threats, Aztek must effectively prioritize and develop security measures by determining which of their assets are most likely to be affected while deploying them in the cloud. A security posture must be maintained at good levels for Aztek to operate effectively in current financial industry scenario. Therefore, developing a matured information security model will depend on effective risk-based decision making. The strategy for developing effective risk-based decision making will be reliant on the evaluation of different information security risk factors. At the same time, understanding these risk factors could be quite challenging (Webb, et al. 2014). The first step for Aztek is to evaluate the existing security scenario to identify gaps and threats and minimize loss for the company. The evaluation of existing gaps is done by determining specific risks that are specific risks that threaten business interests of Aztek. The specific risk issues will include understanding security attacks, internal and external threats and associated problems to business due to compromise of technology (Gonzalez, et al. 2012). Risk evaluation methodology can be structured as four distinct phases (Munnasar Govardan, 2010) for the company. This includes, Analyzing risks in resources, controls, threats and vulnerabilities Implementing security countermeasures through management decisions Implementing countermeasures and procedures in the company Reviewing the risk management program periodically Detailed analysis of threats, vulnerabilities and risks are identified for Aztek in the above phases, For instance, asset identification will identify system resources within the system boundary which requires protection. In the case of Azek, the data and information resources require protection from different forms of threats. The application will also require protection from attacks and misuse by users (Chen Zhao, 2012). Evaluating the weaknesses in IT design, security procedures, implementation and internal controls must be authorized by security experts within the organization (Jaferian, et al. 2014). Threat identification will provide projected threats that are applicable to the system in the company. For instance, threats such as virus attacks, malware, denial of service attacks, or packet sniffing and modification are some of the threats that can negatively impact information assets in Aztek. The security posture will determine the requirements needed for each department in the company. The IT unit will identify security requirement that is specific to software, hardware, networks and operating systems that are identified under information assets. The method of evaluating security threats that affect the confidentiality, integrity and availability of the system or cloud service is made to recommend appropriate security safeguards, management of security measures, implementation, and other security related initiatives (Rosado, et al. 2012). In addition to evaluations, controls are implemented for gaining confidence in the existing security posture. Some of the important security controls include, Management controls which manage IT for its risks and its acceptance (Spears Barki, 2010). Operational controls that focus on mechanisms implemented and executed by people. This will also include physical security, safeguarding of all media and inventory (Julisch Hall, 2010). Technical controls will provide automated protection to systems or applications. This can include implementing anti-virus software, establishing authentication procedures, deploying firewalls, etc. to protect information stored in systems (Bohn, et al. 2011). After having identified the information assets and analyzing them for adverse effects to business, the system sensitivity requirements and security of the related asset are determined. The severity of impact or loss is determined by three main aspects of user confidentiality, integrity, and availability. For instance, confidentiality will protect users and data from unauthorized disclosure (Kurtz Vines, 2010). Integrity will provide protection from unauthorized or unintentional modification and will verify data for its correctness from the point of origin to the point of receipt of a message (Luo Bai, 2011). Authenticity is also closely related to data integrity (Medic Golubovic, 2010) which verifies if the data is subject to some form of attack during transit. Lastly, availability will ensure the data and information are available to all authorized users to fulfill business requirements (Yu, et al. 2010). The risk level for each of these impacts can be further categorized under l ow, moderate or high depending on the level of impact to Azteks business objectives. Some of the threat mitigation measures followed in financial services includes, Use of better data encryption tools A mechanism for incident reporting Using better auditing tools for increasing transparency Clarity on liability and responsibility for both Aztek and the cloud service provider Tools for improving privacy Remote audit of services Receive logs in real time Better solution for data classification In addition to the mitigation measures, there are much more which must be considered when Aztek will consider in their decision to migrate to the cloud. By establishing a confident security posture and evaluating their assets, the company will be able to successfully assess confidentiality, integrity and availability aspects for implementing cloud services in their office. It is also important to note that by having a good idea of their comfort level while transitioning into the cloud, the company will be able to transition to the right service model that will fit their risk tolerance. An assessment of IT risks for Aztek This section will provide an assessment of threats, vulnerabilities, and attacks. Some of the top threats available on the internet include, Malicious code or malware (Worms, Trojans, etc.): These threats steal user data and are common in business IT environment. Malware is becoming more sophisticated and affects sensitive components and also erases all trace making it difficult for law enforcement agencies to investigate an affected system or network. Some types of malware are known as banking Trojans which capture user information and steal passwords, account information, etc. (Ligh, et al. 2010). Web application attacks consist of feeding vulnerable servers and mobile apps with malicious data to alter site content or breach information. This type of attack is slowly increasing (Stuartard Pinto, 2011). Denial of service attacks will prevent access to authorized users requesting a service from the system or network. Recently denial of service attacks has grown in sophistication and combined with another type of attacks namely virus activation, data or intellectual property theft, financial theft and so on (Beitollahi, Deconinck, 2012). Data breach refers to the loss of personal data on the internet. Often valuable information is lost for a user and mostly results in financial impact. A data breach can also occur due to erroneous or inadvertent actions by a user leading to disclosure of all confidential information. A data breach can be understood as an abuse of information by attackers (Romanosky, Hoffman Acquisti, 2014). Insider threat or insider attack is often a result of abuse by an existing employee or an ex-employee having access to critical data in the system. Insider threats can occur when a user will bypass security controls using his/her access rights to overcome existing protection. Often the best way to identify insider threats is to successfully track system logs to understand user behavior in the system. Insider threats result in high impact similar to external threats and system administrators must keep an eye on peoples behaviour to detect patterns of system usage (Kandias, Virvilis, Gritzalis, 2011). Identity theft and fraud is another risk where the attacker steals a user password and gains access to the system like an authorized user. This type of threat is usually common in financial transactions and data (Finklea, 2010). Risk management strategies, policies and procedures must consider the above threats and vulnerabilities and overcome uncertainties by measuring, managing and mitigating threats (De Bakker, K., Boonstra Wortmann, 2010). IT risk management will provide a means of IT resources and decision making in Aztek to deliver confidentiality, integrity and availability of information assets. Confidentiality is the primary goal of cloud computing systems and refers to the availability of data and applications to all users from anywhere, anytime and on any device. Cloud systems make use of redundancy and hardening strategies to improve the availability of all applications hosted on it. Confidentiality refers to keeping users data secured from unauthorized access in cloud systems. The confidentiality of cloud systems is quite challenging because applications or data in the cloud are exposed to more attacks due to their access from the internet which is a public network. Some companies make use of private cloud which provide more secure and restricted access through the internet. Hence, keeping in view of confidentiality of users, cloud vendors adopt cryptography and encryption standards which must be detained in service agreements by Aztek and the cloud service provider. Data integrity is another aspect which is fundamental to cloud service. Integrity refers to the preservation of information from possible loss or abuse by unauthorized or authorized users in the system. Data integrity will also be defined in the contracting agreements between the company and the service provider. Migrating business applications and data to cloud involve risks such as lack of availability, inadequate performance and external and internal threats. In some scenarios or instances, it may be noted that the security offered by the cloud service provider may be adequate for that purpose. The regulatory compliance and standards and frameworks such as ISO, ITIL, etc. are easily available with cloud service providers (Ding, 2015). However, it is always best to have adequate policies and standards within the organization to protect business critical information and assets on the cloud. After the risks and mitigation practices are considered, data and applications can be migrated to the cloud. At this time appropriate controls must be established at all levels viz, managerial, operational and technical. Adequate controls are required to regulate the use of data and applications, its infrastructure and the system. One control mechanism can be typically providing access control for users ( Kuhn, Coyne Weil, 2010). The control allows users to access the application and trust the identity of the information. In cloud, all applications will keep track of authorized users. This is done by user-centric access control, in which every user request to the service provider is integrated with the user identity and his/her entitlements. By providing user-centric controls, the aspects of confidentiality and trust are maintained in clouds (Onankunju, 2013). Risk management in Aztek will follow a framework that continually evaluates risks to ensure its security posture is confident and robust. The following points may be considered: A analyze the impact and categorize information stored, processed and transmitted in the cloud service for Aztek Establish a set of security controls for risks, local conditions and assessments (Aleem Ryan, 2012). Having controls in agreements with cloud service provider will help Aztek to have more robust security. Review controls to verify if they are meeting security needs Establish access controls as appropriate for all users in Aztek. Periodically monitor security controls, this is an ongoing activity. Risk assessment is highly critical for business operations and is an ongoing activity. Data security, peoples role in Cloud for Aztek Using a cloud solution implies the employees of the cloud provider will have the ability to use Azteks data and applications. This is important to consider because the cloud provider usually allows the company availing services to assign and manage roles and associated levels of authorization of each of their user in concurrence to their security policies. The roles and authorization rights can be provided for per resource, service or application, and different areas of data can have restricted access. For example, an employee can post transactions to the database, whereas another user can only generate reports from the system. This type of access controls is highly important in cloud migration (Padhy, Patra, Satapathy, 2011). In addition to access control and user levels, the cloud provider can provision unique identities for Azteks users and services. This function can be configured to support access to a resource or support customer applications. At the same time, a user regardless of his/her role must be monitored and logged in the system for the purposes of auditing of customer data and applications. The following points may be noted in relation to managing peoples access and controls: Administering Azteks users, the cloud provider can support delegated identification. This is done through the process of identity provision and delegation. Aztek can consider the process of identity across applications by providing single-sign-on to provide users with access to all applications and services. This can be revisited and user access can have multiple signs on with appropriate controls in each application. This can be defined in agreement with the cloud provider. Aztek can consider the need for auditing and logging reports to monitor their service usage to fulfill compliance with regulations. The cloud provider will make available all system and application logs with Aztek for auditing purposes. Data is highly critical for financial companies such as Aztek. Authentication mechanisms must be strong to access high-value assets hosted in the cloud. This shall ensure user privacy and confidentiality of all Azteks information. Therefore, it may be noted that data is the core of all IT security issues in any organization and in whatever infrastructure it is stored. Cloud computing systems offer immense benefits, however, the security issues and problems remain the same. In clouds, data risk is of various forms such as unauthorized disclosure, tampering, internal threats, unauthorized modification of data, the risk of data loss and so on. Another aspect to note in the cloud is that data must be protected at rest and in motion (while transferred in a network). This must be considered in migrating to cloud systems, and encryption standards help in securing data in motion. In the cloud the term data also refers to applications and software where all the risks related to data apply. The need for Aztek will be to Perform an internal assessment to understand the problems in IT risks Evaluate cloud services for their service offering, especially in the area of data and applications Perform a thorough review of all aspects related to risks in migrating data and applications to the cloud Develop adequate security measures and test them for cloud migration. Ensure to have substantial service agreements defined with the cloud provider to protect business interests of Aztek. Conclusions The report analyzes the problems and risks of migrating data and business critical applications to a cloud provider for Aztek. The report provides a review of how cloud systems are used by the financial sector and the problems faced. The existing security posture for the company is reviewed and suggestions provided while reviewing the problems of security risks. The risk assessment provides brief discussions on the type of threats available in cloud migration in general. The data security aspects in the report provide risks with the view of how data can be secured and usage within Aztek. References Aleem, A., Ryan Sprott, C. (2012). Let me in the cloud: analysis of the benefit and risk assessment of cloud platform.Journal of Financial Crime,20(1), 6-24. Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., et al. (2009). Above the Clouds: A Berkeley View of Cloud Computing. Technical Report. University of California at Berkeley. Barlow, B. (2016). ?How Financial Services Protect Their Users. Retrieved October 10, 2016, from CSO: https://www.cso.com.au/article/608062/how-financial-services-protect-their-users/ Beitollahi, H., Deconinck, G. (2012). Analyzing well-known countermeasures against distributed denial of service attacks.Computer Communications,35(11), 1312-1332. Biswas, S. (2011). Is Cloud Computing Secure? Retrieved October 10, 2016, from Cloud Tweaks: https://cloudtweaks.com/2011/01/the-question-should-be-is-anything-truly-secure/ Bohn, R. B., Messina, J., Liu, F., Tong, J., Mao, J. (2011, July). NIST cloud computing reference architecture. In2011 IEEE World Congress on Services(pp. 594-596). IEEE. Catteddu, D., Hogben, G. (2009). Cloud Computing: benefits, risks and recommendations for information security. Technical Report. European Network and Information Security Agency. CSA. (2009). Security guidance for critical areas of focus in cloud computing. Cloud Security Alliance. Chen, D., Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. InComputer Science and Electronics Engineering (ICCSEE), 2012 International Conference on(Vol. 1, pp. 647-651). IEEE. De Bakker, K., Boonstra, A., Wortmann, H. (2010). Does risk management contribute to IT project success? A meta-analysis of empirical evidence.International Journal of Project Management,28(5), 493-503. Ding, Y. (2015). Service Delivery Standards (ITIL, COBIT, ETOM, ISO/IEC 20000, Etc.).Wiley Encyclopedia of Management. Finklea, K. M. (2010).Identity theft: Trends and issues. DIANE Publishing. Garg, S. K., Versteeg, S., Buyya, R. (2013). A framework for ranking of cloud computing services.Future Generation Computer Systems,29(4), 1012-1023. Garrison, G., Kim, S., Wakefield, R. L. (2012). Success factors for deploying cloud computing.Communications of the ACM,55(9), 62-68. Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Nslund, M., Pourzandi, M. (2012). A quantitative analysis of current security concerns and solutions for cloud computing.Journal of Cloud Computing: Advances, Systems and Applications,1(1), 1. Heiser, J., Nicolett, M. (2008). Assessing the Security Risks of Cloud Computing . Gartner Research. ID Number: G00157782. Jaferian, P., Hawkey, K., Sotirakopoulos, A., Velez-Rojas, M., Beznosov, K. (2014). Heuristics for evaluating IT security management tools.HumanComputer Interaction,29(4), 311-350. James, B. (2010). Security and privacy challenges in cloud computing environments. Jensen, M., Schwenk, J. O., Gruschka, N., Iacono, L. L. (2009). On Technical Security Issues in Cloud Computing. IEEE International Conference on Cloud Computing (CLOUD-II 2009), Bangalore, India , 109-115. Kandias, M., Virvilis, N., Gritzalis, D. (2011, September). The insider threat in cloud computing. InInternational Workshop on Critical Information Infrastructures Security(pp. 93-103). Springer Berlin Heidelberg. Khajeh-Hosseini, A., Greenwood, D., Sommerville, I. (2010, July). Cloud migration: A case study of migrating an enterprise it system to iaas. In2010 IEEE 3rd International Conference on cloud computing(pp. 450-457). IEEE. Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution.Telecommunications Policy,37(4), 372-386. Kuhn, D. R., Coyne, E. J., Weil, T. R. (2010). Adding attributes to role-based access control.IEEE Computer,43(6), 79-81. Kulkarni, G., Gambhir, J., Patil, T., Dongare, A. (2012, June). A security aspects in cloud computing. In2012 IEEE International Conference on Computer Science and Automation Engineering(pp. 547-550). IEEE. Krutz, R. L., Vines, R. D. (2010).Cloud security: A comprehensive guide to secure cloud computing. Wiley Publishing. Ligh, M., Adair, S., Hartstein, B., Richard, M. (2010).Malware analyst's cookbook and DVD: tools and techniques for fighting malicious code. Wiley Publishing. Luo, W., Bai, G. (2011, September). Ensuring the data integrity in cloud data storage. In2011 IEEE International Conference on Cloud Computing and Intelligence Systems(pp. 240-243). IEEE. Medic, A., Golubovic, A. (2010). Making secure Semantic Web.Universal Journal of Computer Science and Engineering Technology,1(2), 99-104 Mondal, R. K., Sarddar, D. (2015). Utility Computing.International Journal of Grid and Distributed Computing,8(4), 115-122. Munassar, N. M. A., Govardhan, A. (2010). A comparison between five models of software engineering.IJCSI,5, 95-101. Onankunju, B. (2013). Access control in cloud computing. International Journal of Scientific and Research Publications , 3 (9). Padhy, R. P., Patra, M. R., Satapathy, S. C. (2011). Cloud computing: security issues and research challenges.International Journal of Computer Science and Information Technology Security (IJCSITS),1(2), 136-146. Policy, A. G. (2014). Smater ICT Investment, Version 3.0. Canberra, Australia: Government of Australia. Stamford, C. (2012, September). Gartner Says Worldwide Cloud Services Market to Surpass $109 Billion in 2012. Retrieved October 10, 2016, from Gartner Newsroom: https://www.gartner.com/newsroom/id/2163616 Romanosky, S., Hoffman, D., Acquisti, A. (2014). Empirical analysis of data breach litigation.Journal of Empirical Legal Studies,11(1), 74-104. Rosado, D. G., Gmez, R., Mellado, D., Fernndez-Medina, E. (2012). Security analysis in the migration to cloud environments.Future Internet,4(2), 469-487. Shaikh, F. B., Haider, S. (2011, December). Security threats in cloud computing. InInternet technology and secured transactions (ICITST), 2011 international conference for(pp. 214-219). IEEE. Shen, Y., Li, Y., Wu, L., Liu, S., Wen, Q. (2013). Trusted Cloud Initiative Reference Architecture.Enabling the New Era of Cloud Computing: Data Security, Transfer, and Management: Data Security, Transfer, and Management, 78. Stuttard, D., Pinto, M. (2011).The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws. John Wiley Sons. Spears, J. L., Barki, H. (2010). User participation in information systems security risk management.MIS quarterly, 503-522. So, K. (2011). Cloud computing security issues and challenges.International Journal of Computer Networks,3(5). Subashini, S., Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing.Journal of network and computer applications,34(1), 1-11. Tankard, C. (2011). Advanced persistent threats and how to monitor and deter them.Network security,2011(8), 16-19. Webb, J., Ahmad, A., Maynard, S. B., Shanks, G. (2014). A situation awareness model for information security risk management.Computers security,44, 1-15. Yu, S., Wang, C., Ren, K., Lou, W. (2010, March). Achieving secure, scalable, and fine-grained data access control in cloud computing. InInfocom, 2010 proceedings IEEE(pp. 1-9). Ieee. Zissis, D., Lekkas, D. (2012). Addressing cloud computing security issues.Future Generation computer systems,28(3), 583-592