Risk and Reaction

Please respond to both of the following questions:
Question A
What are some of the security risks with outsourcing cloud computing services to a third party organization and what are the methods to help counteract these risks?
Question B
What problems arise when organizations use a reactive method of intrusion detection and what are some requirements that can be added to a security policy to alleviate these problems?