IT Security Risk Management in the Context of Cloud Computing

2015 ◽  
Author(s):  
André Loske
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
It Security ◽  
Security Risk ◽  
Security Risk Management

IT Security Risk Management Model for Cloud Computing

2013 ◽  
Vol 4 (4) ◽  
pp. 1-19 ◽  
Author(s):  
Gunnar Wahlgren ◽  
Stewart Kowalski
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
It Security ◽  
Maturity Model ◽  
Security Risk ◽  
Cloud Computing Environment ◽  
New Approach ◽  
Capability Maturity ◽  
Security Risk Management ◽  
Security Incidents

The authors combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework. With this combined framework the authors create a new approach to IT Security Risk Management where IT Security Risk Management is place at the strategic, tactical and operational levels of an organizational. In this paper the authors concentrate on the monitoring and communication steps of IT Security Risk Management and especially escalation of new IT Security Incidents. The authors present a first draft to an IT Security Risk Escalation Capability Maturity Model based on ISACA´s Risk IT Framework. Finally the authors apply the approach to typical cloud computing environment as a first step to evaluate this new approach.

Network externalities, layered protection and IT security risk management

2007 ◽  
Vol 44 (1) ◽  
pp. 1-16 ◽  
Author(s):  
Wei T. Yue ◽  
Metin Çakanyıldırım ◽  
Young U. Ryu ◽  
Dengpan Liu
Keyword(s):  
Risk Management ◽  
Network Externalities ◽  
It Security ◽  
Security Risk ◽  
Security Risk Management

A Security Risk Management Metric for Cloud Computing Systems

2014 ◽  
Vol 4 (3) ◽  
pp. 1-21 ◽  
Author(s):  
Mouna Jouini ◽  
Latifa Ben Arfa Rabai
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Cyber Security ◽  
Economic Security ◽  
Public Utility ◽  
Cloud Provider ◽  
Security Model ◽  
Security Risk ◽  
Cloud Computing System ◽  
Security Risk Management

Cloud computing is a growing technology used by several organizations because it presents a cost effective policy to manage and control Information Technology (IT). It delivers computing services as a public utility rather than a personal one. However, despite these benefits, it presents many challenges including access control and security problems. In order to assess security risks, the paper gives an overview of security risk management metrics. Then, it illustrates the use of a cyber security measure to describe an economic security model for cloud computing system. Moreover, it proposes a cloud provider business model for security issues. Finally, the paper shows a solution related to the vulnerabilities in cloud systems using a new quantitative metric to reduce the probability that an architectural components fails. The main aim of this article is to quantify security threats in cloud computing environments due to security breaches using a new security metric.

Sign in / Sign up

Export Citation Format

Share Document