Analyzing Historical Data Breaches to Improve Public Cloud Security Postures Open Access
Downloadable ContentDownload PDF
Although cloud computing provides tremendous benefits, security concerns hinder its widespread adoption. However, cloud security involves a broad set of solutions, including encryption, Identity and Access Management (IAM), perimeter defense, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), and trusted computing. Typical information security analysis predominantly targets either the impact on companies’ stock price from publicly disclosing cyber security incidents or the effectiveness of security incidents disclosure legislation to reduce the frequency of identity theft incidents. Only a handful of research draws attention to cyber risk management. Still, little work exists today prioritizing security solutions through data breach analysis, which is pivotal for efficient budget and resource allocation. To fill in the gap, this study will evaluate the historical breach incidents in the respect of industries, data breach types, costs of breach incidents, and the number of vulnerabilities identified. The goal of the research is to identify the primary cause of the breaches via statistical techniques, including linear regression, Kruskal-Wallis analysis and Random Forest for predictions. If successful, the research will provide information technology security professionals with specific priorities to more optimally manage resources and budget during cloud security planning and implementation.