adopting the use of cloud-based technologies in the last five years. This trend has caused a significant shift in the way that many organizations interact with information both internally and externally. Yet there are also many risk factors inherent in these technologies, some of which are the result of insider conspiracy (Brender & Markov, 2013).
Cloud computing offers many advantages over traditional IT infrastructure which make it an attractive option, however it also exposing organizations to new forms of security issues (Brender & Markov, 2013).
There are many security measures that are needed to mitigate potential security risks associated with cloud computing such as data theft, fines, and privacy
. Many of the most technologically advanced companies, such as IBM, Amazon, and Google, faced many challenges when implementing cloud-based platforms. Furthermore, despite rapid development in cloud technologies in recent years, there are many different cloud computing definitions that are being used (Du & Cong, 2010).
Definitions differ on the basis of many different factors including their applications and their abilities, costs, the requirement for cloud computing, security, goals for adoption, growth trends, and security threats. Despite the loose definition that has emerged, cloud computing is considered by many businesses to be powerful, efficient and highly cost effective. It is predicted that cloud computing will become an ubiquitous component of the business model for all medium and large enterprises within the next decade (Subashini & Kavitha, 2011).
Jansen (2011) articulated that this growth will make the insider security threat even more salient in the technologies future implementation.
Statement of the Problem
There are several risks are associated with cloud computing and some do not yet have an industry-wide solution
. The emerging body of literature has identified that the future risks will exceed the risks that are currently validated. The internal risks associated with cloud technologies are seen as potential threats that may devastate an entire organization; for this reason, it is important to have protections against insider’s attacks as well as recovery plans for damage inflicted by cloud computing.
According to the 2011 CyberSecurity Watch Survey result, 43% of respondents indicated that the threats are more caused by insider’s attack than the outsiders because the insiders can ignore the security measures to reasonable standards (Capelli, Moore, & Trzeciak, 2012
). Enterprise-wide risk assessment helps to prevent an organization from easily overlooking the fact that trusted business partners and other such contractors still have access to the enterprise’s information and networks. While these partners are trusted, the business absolutely should not overlook the fact that these partners have the ability to attack and thus, might attack at some point in the future (Cappelli et al., 2013).
A new study conducted by the Computer Emergency Response Team (CERT) Insider Threat Center found that nearly 93% of fraud occurrences were carried out away from technical control. For this purpose, an effective way to prevent and detect insider crimes is to make an initiative that could master behavior aspects beside the technical controls that are recommended (Lynch, 2012).
This study will focus on behavioral factors that have the potential to mitigate internal risks that are presented with the implementation of cloud based infrastructures. The identification of behavioral factors could facilitate spotting the insider threat before it manifests and mitigating it through disciplinary intervention in the organization. The Situational Leadership Model integrated with Thomas Gordon’s problem ownership approach (figure 1) is an instrument that could be adapted to provide an adequate framework for investigating organizational commitments (Hersey, Blanchard, & Johnson, 2013). This study will analyze the possibility off identifying insider threats by using identified performance readiness of involved people to deliver more security in cloud computing.
Purpose of the Study
The purpose of this study is to develop quantitative research methods to measure the readiness of the managers and staff assigned to accomplish security tasks associated with cloud computing. The Center for the leadership studies developed two performances readiness scale instruments, the manager readiness scale and staff rating scale as it is shown in Appen
dix B. Both instruments measure the job performance readiness and psychological readiness (Hersey, Blanchard, & Johnson, 2008). Those instruments will be adapted for this study with permission from the Center for the leadership…