Cloud Security Risk Management: A Critical Review

Tamesgen Damenu, Chitra Balakrishna

Research output: Contribution to conferencePaperpeer-review

21 Citations (Scopus)


Cloud computing has created a remarkable paradigm shift in the IT industry and brought several advantages such as on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. These advantages enabled cloud to have significant impact on different sectors of smart cites. However, cloud adoption has increased the sophistication of the ever changing security risks which frustrate enterprises on expanding their on-premises infrastructure towards cloud horizons. These risks have the potential of being a major concern for smart cities due to the increasing impact of cloud on them. Managing these security risks requires adopting effective risk management method which involve both the cloud service provider and the customer. The risk management frameworks currently applied to manage enterprise IT risks do not readily fit the cloud environment and the dynamic nature of clouds, which are characterized by on demand self-service and rapid elasticity. Therefore, researchers have proposed different cloud security risk management methods and frameworks. This paper critically reviews these risk management methods and frameworks. In addition, it conducts critical analysis on two of them using qualitative content analysis technique, and evaluates their effectiveness for assessing and mitigating cloud security risks.
Original languageEnglish
Publication statusPublished - 2015
EventInternational Conference on Next Generation Mobile Applications, Services and Technologies (NGMAST) - Cambridge, United Kingdom
Duration: 10 Sept 201512 Sept 2015


ConferenceInternational Conference on Next Generation Mobile Applications, Services and Technologies (NGMAST)
Country/TerritoryUnited Kingdom


Dive into the research topics of 'Cloud Security Risk Management: A Critical Review'. Together they form a unique fingerprint.

Cite this