Cloud Under Siege: Unveiling Security Threats and Strategic Defences in the Era of Virtual Infrastructure

Parul

doi:10.36676/urr.v10.i3.1578

Authors

Parul Research scholar , Kalinga university

DOI:

https://doi.org/10.36676/urr.v10.i3.1578

Keywords:

Cloud Under Siege, Security Threats and Strategic Defences

Abstract

Cost-effectiveness, scalability, improved collaboration, and simplified IT infrastructure are just a few of the revolutionary advantages that cloud computing offers as it continues to be the foundation of digital transformation in a variety of sectors, including government, healthcare, education, and finance. However, a fast changing danger scenario is overshadowing these benefits more and more. Attackers are taking advantage of flaws in distributed, multi-tenant, and remote-access systems that are inherent to their design as more sensitive data and mission-critical apps move to the cloud. Insider threats, compromised user credentials, unsecured APIs, insider threats, and unauthorised data access are just a few of the increasingly complex security issues that organisations must contend with.

This study examines the complex cloud security ecosystem and provides a thorough analysis of the main security flaws in modern cloud installations. It emphasises how strategic and cooperative security measures are necessary for client organisations and cloud service providers (CSPs) to protect their data and operations. The research takes into account the latest developments in cybersecurity technology, examines industry rules like GDPR, HIPAA, and ISO/IEC 27001, and tackles issues particular to certain industries, including the requirement for transactional security in banking or the protection of patient data in healthcare.

References

Cloud Security Alliance. (2023). Top threats to cloud computing: The egregious eleven . [https://cloudsecurityalliance.org](https://cloudsecurityalliance.org)

Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications , 4 (1), 1–13. [https://doi.org/10.1186/1869-0238-4-5](https://doi.org/10.1186/1869-0238-4-5)

Kumar, A., & Bansal, S. (2022). Cloud computing security: Issues and strategies. Journal of Cloud Computing , 11 (1), 1–14. [https://doi.org/10.1186/s13677-022-00300-9](https://doi.org/10.1186/s13677-022-00300-9)

National Institute of Standards and Technology (NIST). (2020). Zero trust architecture (SP 800-207) . [https://doi.org/10.6028/NIST.SP.800-207](https://doi.org/10.6028/NIST.SP.800-207)

Microsoft. (2022). Security in a cloud-first world: Modern strategies for cloud resilience . [https://www.microsoft.com/security](https://www.microsoft.com/security)

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications , 34 (1), 1–11. [https://doi.org/10.1016/j.jnca.2010.07.006](https://doi.org/10.1016/j.jnca.2010.07.006)

IBM Security. (2023). Cost of a data breach report 2023 . [https://www.ibm.com/reports/data-breach](https://www.ibm.com/reports/data-breach)

Singh, A., & Chatterjee, K. (2021). Cloud computing security issues and challenges: A survey. Procedia Computer Science , 167 , 544–556. [https://doi.org/10.1016/j.procs.2020.03.272](https://doi.org/10.1016/j.procs.2020.03.272)

Zhou, Y., He, X., & Liu, J. (2021). Insider threats in cloud computing environments: A comprehensive review. IEEE Access , 9 , 44163–44177. [https://doi.org/10.1109/ACCESS.2021.3067099](https://doi.org/10.1109/ACCESS.2021.3067099)

Sharma, R., & Sood, S. K. (2020). A novel hybrid intrusion detection system for cloud computing environments. Computers & Security , 91 , 101722. [https://doi.org/10.1016/j.cose.2020.101722](https://doi.org/10.1016/j.cose.2020.101722)