Cloud Computing and Insider Threats

¶ … adopting the use of cloud-based technologies in the last five years. This trend has caused a significant shift in the way that many organizations interact with information both internally and externally. Yet there are also many risk factors inherent in these technologies, some of which are the result of insider conspiracy (Brender & Markov, 2013). Cloud computing offers many advantages over traditional IT infrastructure which make it an attractive option, however it also exposing organizations to new forms of security issues (Brender & Markov, 2013).

There are many security measures that are needed to mitigate potential security risks associated with cloud computing such as data theft, fines, and privacy. Many of the most technologically advanced companies, such as IBM, Amazon, and Google, faced many challenges when implementing cloud-based platforms. Furthermore, despite rapid development in cloud technologies in recent years, there are many different cloud computing definitions that are being used (Du & Cong, 2010).

Definitions differ on the basis of many different factors including their applications and their abilities, costs, the requirement for cloud computing, security, goals for adoption, growth trends, and security threats. Despite the loose definition that has emerged, cloud computing is considered by many businesses to be powerful, efficient and highly cost effective. It is predicted that cloud computing will become an ubiquitous component of the business model for all medium and large enterprises within the next decade (Subashini & Kavitha, 2011).

Jansen (2011) articulated that this growth will make the insider security threat even more salient in the technologies future implementation. Statement of the Problem There are several risks are associated with cloud computing and some do not yet have an industry-wide solution. The emerging body of literature has identified that the future risks will exceed the risks that are currently validated.

The internal risks associated with cloud technologies are seen as potential threats that may devastate an entire organization; for this reason, it is important to have protections against insider's attacks as well as recovery plans for damage inflicted by cloud computing. According to the 2011 CyberSecurity Watch Survey result, 43% of respondents indicated that the threats are more caused by insider's attack than the outsiders because the insiders can ignore the security measures to reasonable standards (Capelli, Moore, & Trzeciak, 2012 ).

Enterprise-wide risk assessment helps to prevent an organization from easily overlooking the fact that trusted business partners and other such contractors still have access to the enterprise's information and networks. While these partners are trusted, the business absolutely should not overlook the fact that these partners have the ability to attack and thus, might attack at some point in the future (Cappelli et al., 2013).

A new study conducted by the Computer Emergency Response Team (CERT) Insider Threat Center found that nearly 93% of fraud occurrences were carried out away from technical control. For this purpose, an effective way to prevent and detect insider crimes is to make an initiative that could master behavior aspects beside the technical controls that are recommended (Lynch, 2012). This study will focus on behavioral factors that have the potential to mitigate internal risks that are presented with the implementation of cloud based infrastructures.

The identification of behavioral factors could facilitate spotting the insider threat before it manifests and mitigating it through disciplinary intervention in the organization. The Situational Leadership Model integrated with Thomas Gordon's problem ownership approach (figure 1) is an instrument that could be adapted to provide an adequate framework for investigating organizational commitments (Hersey, Blanchard, & Johnson, 2013). This study will analyze the possibility off identifying insider threats by using identified performance readiness of involved people to deliver more security in cloud computing.

Purpose of the Study The purpose of this study is to develop quantitative research methods to measure the readiness of the managers and staff assigned to accomplish security tasks associated with cloud computing. The Center for the leadership studies developed two performances readiness scale instruments, the manager readiness scale and staff rating scale as it is shown in Appen dix B. Both instruments measure the job performance readiness and psychological readiness (Hersey, Blanchard, & Johnson, 2008).

Those instruments will be adapted for this study with permission from the Center for the leadership studies. This study will incorporate the Situational Leadership Model in integration with Gordon's problem ownership approach as a diagnostic tool. This tool can help management look at problems of ownership in the context of Situational Leadership. An integration of these factors in a multiple regression study would create the possibility of identifying potential organizational problems by assessing readiness level and determine the leadership style that has the best chance to success (Hersey et al., 2008).

In view of that, such diagnostic tool could help management to intervene and make practical decisions in problematic situations. The targeted population will be the managers and staff who verified to accomplish the tasks of cloud computing within the designated organizations. The targeted population is a group of an organization that provides cloud computing services. The organization is XXXX in the following countries: YYY, ZZZ and NNN.

This study will use a convenience sample will because it will allow access to more data since the targeted population is convenient to reach (Creswell, 2008; Alreck & Settle, 2009). Samples of convenience are appropriate for correlational research (Salkind, 2009). This research will collect data on the operational definition variables to determine if they are related without attempting to manipulate them. This study employed data collection and analysis by using a validated survey.

The survey instrument, which is specific to the Situational Leadership Model, will be utilized by the attained permission of the Situational Leadership Center. I don't know why this is worth noting, because you haven't defined it yet, nor the field in which it is studied Cloud computing is considered by whom? And what are the advantages that make it an attractive alternative? You also need to work on sentence structure. When you write in passive voicing you obfuscate the actor of the action.

In this sentence, I'm not sure what you mean? People use cloud computing options and who is implementing the security measures? Not the cloud software itself, but whoever owns the particular cloud software? And the security measures were designed by a designer to minimize risks of data theft, fines (?), and loss of privacy. Academic writing is at its best crystal clear, and its weakness may be that it is TOO verbose -- meaning the writer uses too many words in order to clarify.

This is a run-on sentence It is very hard for me to determine the essence of your topic. This kind of language is more of the "tell us" language often used in promotional materials or media outlets. However, in academic writing.