Abstract
Outsourcing computing and storage to the cloud does not eliminate the need for handling of information security incidents. However, the long provider chains and unclear responsibilities in the cloud make incident response difficult. In this paper we present results from interviews in critical infrastructure organisations that highlight incident handling needs that would apply to cloud customers, and suggest mechanisms that facilitate inter-provider collaboration in handling of incidents in the cloud, improving the accountability of the cloud service providers.
