Skip to main content

Cyber risk assessment in cloud provider environments: Current models and future needs

Akinrolabu, Olusola, Nurse, Jason R. C., Martin, Andrew, New, Steve (2019) Cyber risk assessment in cloud provider environments: Current models and future needs. Computers & Security, 87 . p. 101600. ISSN 0167-4048. (doi:10.1016/j.cose.2019.101600) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided)

PDF - Author's Accepted Manuscript
Restricted to Repository staff only until 23 August 2020.

Creative Commons Licence
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Contact us about this Publication Download (1MB)
[img]
Official URL
https://doi.org/10.1016/j.cose.2019.101600

Abstract

Traditional frameworks for risk assessment do not work well for cloud computing. While recent work has often focussed on the risks faced by firms adopting or selecting cloud services, there has been little research on how cloud providers might assess their own services. In this paper, we use an in-depth review of the extant literature to highlight the weaknesses of traditional risk assessment frameworks for this task. Using examples, we then describe a new risk assessment model (CSCCRA) and compare this against three established approaches. For each approach, we consider its goals, the risk assessment process, decisions, the scope of the assessment and the way in which risk is conceptualised. This evaluation points to the need for dynamic models specifically designed to evaluate cloud risk. Our suggestions for future research are aimed at improving the identification, assessment, and mitigation of inter-dependent cloud risks inherent in a defined supply chain.

Item Type: Article
DOI/Identification number: 10.1016/j.cose.2019.101600
Uncontrolled keywords: Cloud computing, Risk assessment, Conceptual model, Cloud risks, Quantitative and qualitative assessment, Supply chain
Subjects: Q Science
Q Science > QA Mathematics (inc Computing science)
T Technology
Divisions: Faculties > Sciences > School of Computing > Security Group
Faculties > Sciences > School of Engineering and Digital Arts
Depositing User: Jason Nurse
Date Deposited: 24 Aug 2019 11:07 UTC
Last Modified: 01 Oct 2019 10:36 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/75979 (The current URI for this page, for reference purposes)
Nurse, Jason R. C.: https://orcid.org/0000-0003-4118-1680
  • Depositors only (login required):

Downloads

Downloads per month over past year