BA01 Malicious Insider In Cloud Infrastructure
| Context | Compliance manager works with cloud application |
| Problem | Malicious insider in cloud infrastructure causes security issues of cloud application |
| Solution | Define Cost of Incident metrics; |
| References | OI-1: Malicious insiders in the cloud infrastructure provider [SECCRIT]; R.10: Cloud provider malicious insider - abuse of high privilege roles [ENISA]; Cloud Provider Malicious Insider [QUIRC]; TIS.021 [BDU]; Cost of Incidents, Mean Cost of Incidents, Mean Incident Recovery Cost [Casola]; |
| Type | ns:type_ThreatPattern |
| Victim | su:comp_CloudApplication |
| Aggressor | su:comp_ComplianceManager |
| Aggr. role | ns:role_Client |
| STRIDE | |
| Threat |