This article discusses the security concerns related to cloud architecture and how ISO 27001 standards can be used for risk assessment. It covers the threats and vulnerabilities associated with primary and secondary assets, and explains how to compute risk levels using the Boston grid. The article also highlights the importance of having a certified security hallmark to ensure legal compliance and customer confidence.