Report notes that as security threats grow, “technology and procedures need to evolve even faster”.
The DoC notes that the National Institute of Standards and Technology (NIST) should be on hand to develop guidelines for businesse too small to create their own. Standardisation is signalled as missing mainly, so it is much needed at present. The paper suggests that greater automation of security is also a priority. The paper indicates incentives needed to be applied to encourage better security, including disclosure rules. The report calls for the development of cost-benefit analysis tools which would help justify (and therefore promote) better information security.
At present security is vital in the infraestructure of the cloud and the report gives some advise on how to reach a good deal of security.
