Risk Assessment Method of Cloud Environment

Authors

  • Martin Zbořil Prague University of Economics and Business, Faculty of Informatics and Statistics, 130 67 Prague, Czech Republic

DOI:

https://doi.org/10.31577/cai_2022_5_1186

Keywords:

Cloud computing, cloud services, security, risk assessment, method, case study

Abstract

Cloud technology usage in nowadays companies constantly grows every year. Moreover, the COVID-19 situation caused even a higher acceleration of cloud adoption. A higher portion of deployed cloud services, however, means also a higher number of exploitable attack vectors. For that reason, risk assessment of the cloud environment plays a significant role for the companies. The target of this paper is to present a risk assessment method specialized in the cloud environment that supports companies with the identification and assessments of the cloud risks. The method itself is based on ISO/IEC 27005 standard and addresses a list of predefined cloud risks. Besides, the paper also presents the risk score calculation definition. The risk assessment method is then applied to an accounting company in a form of a case study. As a result, 24 risks are identified and assessed within the case study where each risk included also exemplary countermeasures. Further, this paper includes a description of the selected cloud risks.

Downloads

Download data is not yet available.

Downloads

Published

2022-12-31

How to Cite

Zbořil, M. (2022). Risk Assessment Method of Cloud Environment. Computing and Informatics, 41(5), 1186–1206. https://doi.org/10.31577/cai_2022_5_1186