Scribd
Upload
13 views

Cloud_Security_Zero_Trust_Presentation

The document is a report on Information Security Risk Assessment focusing on Cloud Security and Zero Trust Architecture. It outlines the importance of Zero Trust in mitigating risks such as unauthorized access and data breaches, and provides a structured approach including risk identification, analysis, penetration testing, and security policy recommendations. The conclusion emphasizes the necessity of combining industry standards with robust security measures to enhance cloud security.

Uploaded by

stevethuku06
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
13 views

Cloud_Security_Zero_Trust_Presentation

The document is a report on Information Security Risk Assessment focusing on Cloud Security and Zero Trust Architecture. It outlines the importance of Zero Trust in mitigating risks such as unauthorized access and data breaches, and provides a structured approach including risk identification, analysis, penetration testing, and security policy recommendations. The conclusion emphasizes the necessity of combining industry standards with robust security measures to enhance cloud security.

Uploaded by

stevethuku06
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 10

 Information Security Risk Assessment

Cloud Report
Security &  Student Name
Zero Trust  Module Name: Information Security
Architectur  Module Code: 402IT
e  Assignment Due: 28th March 2025
 1. Introduction
 2. Risk Identification
 3. Risk Analysis & Evaluation

Table of  4. Penetration Testing & Report

Contents  5. Security Policies for Zero Trust


 6. Findings & Recommendations
 7. Conclusion
 8. References
 Cloud Security adapts to cyber threats
like unauthorized access & data breaches
(Laptev & Feyzrakhmanova, 2024).
 Zero Trust Architecture (ZTA) ensures
strict access control, continuous
verification, & minimum privilege policies
(Teerakanok et al., 2021).
Introductio
n

Zero Trust Security Model in Cloud Security – Cloudwithease from


https://www.google.com/url?sa=i&url=https%3A%2F%2Fptop.only.wip.la%3A443%2Fhttps%2Fcloudwithease.com%2Fzero-trust-
security-model-in-cloud-security
%2F&psig=AOvVaw1Ae5vVFiJmq6Z3D2OdgtYS&ust=1743257994581000&source=images
&cd=vfe&opi=89978449&ved=0CBUQjRxqFwoTCJjI5bX8rIwDFQAAAAAdAAAAABAE
Risk What Is Zero Trust Architecture? Zero Trust Security from
Identificati https://
www.strongdm.com/hubfs/21126185/StrongDm_January2022
 Cloud environments face risks from
on /Images/6205348b9dea446f6c1bea2e_zero-trust-architectur
e.jpeg
misconfigurations, weak access
controls, & insider threats (Ahmadi,
2024).
 Key assets: Cloud infrastructure, IAM
systems, Data storage &
applications.
 Unauthorized access & API
vulnerabilities are major concerns
(He et al., 2022).
 Ransomware threats due to
Risk insufficient backups (Alevizos, Ta &
Analysis & Eiza, 2021).
Evaluation  Industry Standards: NIST RMF &
Cloud Security Alliance (Seymour,
2023).
Cloud Security Testing: 10 Best Practices
from https://
www.techmagic.co/blog/content/images/2023/09/
Cloud-Security-Testing-7.png

Penetratio
n Testing
 Simulates cyberattacks to detect
system vulnerabilities (Alevizos, Ta &
Eiza, 2021).
 Tools: Kali Linux, Metasploit, Burp
Suite, OWASP ZAP.
 Findings categorized as Critical, High,
Medium, Low risks.
 Implementation of:
 - Multi-Factor Authentication (MFA)
 - Role-Based Access Control (RBAC)
Security
 - Data Encryption & Regular Audits (Edo
Policies et al., 2023).
for Zero
Trust
 Security flaws include weak IAM
configurations, unprotected APIs, and
data exposure risks (Ojo, 2025).
Findings &  Recommendations:
Recommendat  - Strengthen authentication methods
ions
 - Encrypt data & implement least
privilege access
 - Regular security assessments.
 Zero Trust is essential for securing cloud
environments.
Conclusion  Combining industry standards with robust
security policies reduces risks (Aiello,
2024).
 Ahmadi, S. (2025) Autonomous Identity-Based threat segmentation in zero trust architectures. https://arxiv.org/abs/2501.06281.

 Aiello, S.T. (2024) Prescriptive Zero Trust: Assessing the impact of zero trust on cyber attack prevention.
https://scholar.dsu.edu/theses/466/.

 Alevizos, L., Ta, V.T. and Eiza, M.H. (2021) 'Augmenting zero trust architecture to endpoints using blockchain: A state‐of‐the‐art review,'
Security and Privacy, 5(1). https://doi.org/10.1002/spy2.191.

 Dakić, V. et al. (2024) 'Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations,' Journal of Cybersecurity and
Privacy, 5(1), p. 2. https://doi.org/10.3390/jcp5010002.

 Edo, O.C. et al. (2023) 'A zero trust architecture for health information systems,' Health and Technology, 14(1), pp. 189–199.
https://doi.org/10.1007/s12553-023-00809-4.

 Fernandez, E.B. and Brazhuk, A. (2024) 'A critical analysis of Zero Trust Architecture (ZTA),' Computer Standards & Interfaces, 89, p.
103832. https://doi.org/10.1016/j.csi.2024.103832.

 Ferretti, L. et al. (2021) 'Survivable zero trust for cloud computing environments,' Computers & Security, 110, p. 102419.
https://doi.org/10.1016/j.cose.2021.102419.

 He, Y. et al. (2022) 'A survey on Zero Trust architecture: Challenges and future trends,' Wireless Communications and Mobile Computing,
2022, pp. 1–13. https://doi.org/10.1155/2022/6476274.

 Hilbig, T., Schreck, T. and Limmer, T. (2023) '‘State of the Union’: Evaluating open source zero trust components,' in Lecture notes in
computer science, pp. 42–61. https://doi.org/10.1007/978-3-031-47198-8_3.

 Jaiswal, S. (2024) Securing Amazon Web Services with Zero Trust Architecture.
https://aaltodoc.aalto.fi/items/fb9b649e-cd5d-40d2-afe8-089bdd8d604f.

 Laptev, V.A. and Feyzrakhmanova, D.R. (2024) 'Application of Artificial intelligence in Justice: Current trends and future prospects,'
Human-Centric Intelligent Systems, 4(3), pp. 394–405. https://doi.org/10.1007/s44230-024-00074-2.

 Manda, J.K. (2022) Zero trust architecture in telecom: Implementing zero trust architecture principles to enhance network security and
mitigate insider threats in telecom operations. https://acadexpinnara.com/index.php/JIT/article/view/372.

 Mandal, S., Khan, D.A. and Jain, S. (2021) 'Cloud-Based Zero Trust Access Control Policy: An approach to support Work-From-Home driven
by COVID-19 pandemic,' New Generation Computing, 39(3–4), pp. 599–622. https://doi.org/10.1007/s00354-021-00130-6.

 Ojo, A.O. (2025) 'Adoption of Zero Trust Architecture (ZTA) in the protection of critical infrastructure,' Path of Science, 11(1), p. 5001.
https://doi.org/10.22178/pos.113-2.

 Ramezanpour, K. and Jagannath, J. (2022) 'Intelligent zero trust architecture for 5G/6G networks: Principles, challenges, and the role of
machine learning in the context of O-RAN,' Computer Networks, 217, p. 109358. https://doi.org/10.1016/j.comnet.2022.109358.

 Sarkar, S. et al. (2022a) 'Security of zero trust networks in Cloud Computing: A Comparative review,' Sustainability, 14(18), p. 11213.
https://doi.org/10.3390/su141811213.

 Sarkar, S. et al. (2022b) 'Security of zero trust networks in Cloud Computing: A Comparative review,' Sustainability, 14(18), p. 11213.

You might also like