ABSTRACT
Cloud technology usage in nowadays companies constantly grows every year. Moreover, the COVID-19 situation caused even a higher acceleration of cloud adoption. A higher portion of deployed cloud services, however, means also a higher number of exploitable attack vectors. For that reason, risk assessment of the cloud environment plays a significant role for the companies. The target of this paper is to present a risk assessment method specialized in the cloud environment that supports companies with the identification and assessments of the cloud risks. The method itself is based on ISO/IEC 27005 standard and addresses a list of predefined cloud risks. Besides, the paper also presents the risk score calculation definition. The risk assessment method is then applied to an accounting company in a form of a case study. As a result, 24 risks are identified and assessed within the case study where each risk included also exemplary countermeasures. Further, this paper includes a description of the selected cloud risks.
ABSTRACT
Cloud technology usage in nowadays companies constantly grows every year. Moreover, the COVID-19 situation caused even a higher acceleration of cloud adoption. A higher portion of deployed cloud services, however, means also a higher number of exploitable attack vectors. For that reason, risk assessment of the cloud environment plays a significant role for the companies. The target of this paper is to present a risk assessment method specialized in the cloud environment that supports companies with the identification and assessments of the cloud risks. The method itself is based on ISO/IEC 27005 standard and addresses a list of predefined cloud risks. Besides, the paper also presents the risk score calculation definition. The risk assessment method is then applied to an accounting company in a form of a case study. As a result, 24 risks are identified and assessed within the case study where each risk included also exemplary countermeasures. Further, this paper includes a description of the selected cloud risks. © 2022 Slovak Academy of Sciences. All rights reserved.
ABSTRACT
Adoption of cloud services has an increasing trend for many years already and no indication that it should change in close future has occurred. Moreover, cloud consumption has been further enhanced due to the COVID-19 situation since a great number of employees started to work from home and therefore, they need to access resources over the internet. This article describes the performed analysis of official data provided by the European Union on the consumption of cloud services in the member countries. The analysis particularly focused on comparing the cloud consumption in the Czech Republic, Visegrad Group and European Union in total. The consumption was compared based on multiple criteria - primarily on cloud service types, organization types, consumption trends. The analysis was conducted over sets of biannual data (2014, 2016, 2018, and 2020) that are available on the Eurostat site for all the European Union countries. The comparison showed that the level of cloud consumption differs across and that the average consumption for the European Union is higher than in the Czech Republic and in Visegrad Group. Besides, the comparison revealed that consumption in the Czech Republic is slightly higher than in Visegrad Group. Such pattern in the comparison between the three subjects was present in the majority of comparisons and therefore it might be stated that the Czech Republic and Visegrad Group are behind the average cloud consumption in European Union. This article is closely related to the Information Management as one of the aims of the E&M Economics and Management journal.