Cybersecurity Frameworks for Cloud Computing Environments

Authors

  • Elizabeth Shelly Gulu University

DOI:

https://doi.org/10.47941/ijce.2058

Keywords:

Cybersecurity Frameworks, Cloud Computing Environments, Multi-layered Security, Regulatory Compliance, International Cooperation

Abstract

Purpose: The general objective of this study was to explore cybersecurity frameworks for cloud computing environments.

Methodology: The study adopted a desktop research methodology. Desk research refers to secondary data or that which can be collected without fieldwork. Desk research is basically involved in collecting data from existing resources hence it is often considered a low cost technique as compared to field research, as the main cost is involved in executive’s time, telephone charges and directories. Thus, the study relied on already published studies, reports and statistics. This secondary data was easily accessed through the online journals and library.

Findings: The findings reveal that there exists a contextual and methodological gap relating to explore cybersecurity frameworks for cloud computing environments. The study emphasized the necessity of robust, comprehensive security measures to address the unique challenges of cloud infrastructures. It highlighted the importance of advanced security measures like encryption, multi-factor authentication, and continuous monitoring to mitigate risks. The research underscored the need for holistic and adaptable frameworks that integrate technological solutions and human factors, while also stressing regulatory compliance. The findings had significant implications for cloud service providers, businesses, regulatory bodies, and cybersecurity professionals, suggesting a focus on new technologies like AI and blockchain for future research.

Unique Contribution to Theory, Practice and Policy: The Diffusion of Innovations Theory, Technology Acceptance Model (ATM) and Socio-Technical Systems Theory may be used to anchor future studies on cybersecurity frameworks for cloud computing environments. The study made significant theoretical, practical, and policy recommendations. It emphasized the need for an integrated theoretical approach, the adoption of multi-layered security practices, and regular security assessments. The study also advocated for standardized and specific regulatory frameworks tailored to cloud environments and international cooperation for consistent global cybersecurity policies. These recommendations aimed to enhance the understanding, implementation, and governance of cloud security, ultimately contributing to a more resilient and secure cloud computing ecosystem.

Downloads

Download data is not yet available.

References

Ali, M., Khan, S. U., & Vasilakos, A. V. (2015). Security in cloud computing: Opportunities and challenges. Information Sciences, 305, 357-383. https://doi.org/10.1016/j.ins.2015.01.025

Chen, D., & Zhao, H. (2012). Data security and privacy protection issues in cloud computing. 2012 International Conference on Computer Science and Electronics Engineering, 1, 647-651. https://doi.org/10.1109/ICCSEE.2012.193

Cloud Security Alliance (CSA). (2019). Cloud Controls Matrix. Retrieved from https://cloudsecurityalliance.org/research/cloud-controls-matrix/

Cloud Security Alliance (CSA). (2021). Cloud Security Complexity: Challenges in Managing Security in Hybrid and Multi-Cloud Environments. Retrieved from https://cloudsecurityalliance.org/research/cloud-security-complexity/

Davis, F. D. (1989). Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Quarterly, 13(3), 319-340. https://doi.org/10.2307/249008

Department for Digital, Culture, Media & Sport (DCMS). (2022). Cyber Security Breaches Survey 2022. DCMS. Retrieved from https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2022

Dunlap, S., & Lu, H. (2019). A Comprehensive Review of Cloud Computing Security Issues and Solutions. International Journal of Cloud Computing and Services Science, 8(1), 45-67. https://doi.org/10.11591/ijccs.v8i1.15794

ENISA. (2015). Cloud Computing Risk Assessment. European Network and Information Security Agency. Retrieved from https://www.enisa.europa.eu/publications/cloud-computing-risk-assessment

European Union. (2018). General Data Protection Regulation (GDPR). Retrieved from https://eur-lex.europa.eu/eli/reg/2016/679/oj

Fernandes, D. A., Soares, L. F., Gomes, J. V., Freire, M. M., & Inácio, P. R. (2014). Security issues in cloud environments: a survey. International Journal of Information Security, 13(2), 113-170. https://doi.org/10.1007/s10207-013-0208-7

Frost & Sullivan. (2021). Brazilian Cloud Security Market Forecast 2021-2026. Frost & Sullivan. Retrieved from https://www.frost.com/research/cloud-security-market-brazil/

Garcia, M. (2017). The impact of zero trust on cybersecurity. Journal of Cyber Security and Mobility, 6(4), 275-292. https://doi.org/10.13052/jcsm2245-1439.643

Gartner. (2020). Forecast: Public Cloud Services, Worldwide, 2020-2024. Gartner Research. Retrieved from https://www.gartner.com/en/newsroom/press-releases/2020-07-21-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-grow-23-percent-in-2021

Grobauer, B., Walloschek, T., & Stocker, E. (2015). Understanding cloud computing vulnerabilities. IEEE Security & Privacy, 9(2), 50-57. https://doi.org/10.1109/MSP.2010.115

Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(1), 5. https://doi.org/10.1186/1869-0238-4-5

IBM. (2022). Cost of a Data Breach Report 2022. Retrieved from https://www.ibm.com/security/data-breach

Information-technology Promotion Agency (IPA). (2021). Survey Report on Cybersecurity Measures in Japan. IPA. Retrieved from https://www.ipa.go.jp/files/000085635.pdf

ISO. (2013). ISO/IEC 27001: Information security management systems - Requirements. International Organization for Standardization. Retrieved from https://www.iso.org/standard/54534.html

Johnson, D., & Willey, L. (2020). ISO/IEC 27001: 2013 implementation: A practical guide for SMEs. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 9(3), 234-245. https://doi.org/10.17781/P002672

Kobayashi, T., & Suzuki, H. (2019). Application of artificial intelligence in cybersecurity: A case study from Japan. Journal of Information Security and Applications, 46, 57-64. https://doi.org/10.1016/j.jisa.2019.03.004

National Institute of Standards and Technology (NIST). (2018). Framework for Improving Critical Infrastructure Cybersecurity. Retrieved from https://www.nist.gov/cyberframework

Rogers, E. M. (2003). Diffusion of Innovations (5th ed.). Free Press.

Subashini, S., & Kavitha, V. (2017). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1-11. https://doi.org/10.1016/j.jnca.2010.07.006

Trist, E. L., & Bamforth, K. W. (1951). Some social and psychological consequences of the Longwall method of coal-getting. Human Relations, 4(1), 3-38. https://doi.org/10.1177/001872675100400101

Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), 583-592. https://doi.org/10.1016/j.future.2010.12.006

Downloads

Published

2024-07-12

How to Cite

Shelly, E. (2024). Cybersecurity Frameworks for Cloud Computing Environments. International Journal of Computing and Engineering, 6(1), 30–44. https://doi.org/10.47941/ijce.2058

Issue

Vol. 6 No. 1 (2024)

Section

Articles

License

Copyright (c) 2024 Elizabeth Shelly

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.