Skip to main content

Cyber risk assessment in cloud provider environments: Current models and future needs

Akinrolabu, Olusola, Nurse, Jason R. C., Martin, Andrew, New, Steve (2019) Cyber risk assessment in cloud provider environments: Current models and future needs. Computers & Security, 87 . Article Number 101600. ISSN 0167-4048. (doi:10.1016/j.cose.2019.101600) (KAR id:75979)

PDF Author's Accepted Manuscript
Language: English


Download (1MB) Preview
[thumbnail of CS-Cloud-Risk.pdf]
Preview
This file may not be suitable for users of assistive technology.
Request an accessible format
Official URL
https://doi.org/10.1016/j.cose.2019.101600

Abstract

Traditional frameworks for risk assessment do not work well for cloud computing. While recent work has often focussed on the risks faced by firms adopting or selecting cloud services, there has been little research on how cloud providers might assess their own services. In this paper, we use an in-depth review of the extant literature to highlight the weaknesses of traditional risk assessment frameworks for this task. Using examples, we then describe a new risk assessment model (CSCCRA) and compare this against three established approaches. For each approach, we consider its goals, the risk assessment process, decisions, the scope of the assessment and the way in which risk is conceptualised. This evaluation points to the need for dynamic models specifically designed to evaluate cloud risk. Our suggestions for future research are aimed at improving the identification, assessment, and mitigation of inter-dependent cloud risks inherent in a defined supply chain.

Item Type: Article
DOI/Identification number: 10.1016/j.cose.2019.101600
Uncontrolled keywords: Cloud computing, Risk assessment, Conceptual model, Cloud risks, Quantitative and qualitative assessment, Supply chain
Subjects: Q Science
Q Science > QA Mathematics (inc Computing science)
T Technology
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Engineering and Digital Arts
Depositing User: Jason Nurse
Date Deposited: 24 Aug 2019 11:07 UTC
Last Modified: 16 Feb 2021 14:06 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/75979 (The current URI for this page, for reference purposes)
Nurse, Jason R. C.: https://orcid.org/0000-0003-4118-1680
  • Depositors only (login required):

Downloads

Downloads per month over past year