Abstract
Conventional patterns of the ways information systems run are rapidly evolving. Cloud computing undisputedly has influenced profoundly in this direction by providing many benefits such as accessibility and availability of resources to organisations. But the economical advantage and the cost impacts are far more attractive to organisations than anything else when it comes to cloud computing. This convenient and attractiveness comes with new phases of security and risk challenges for both cloud providers and clients which requires investment for managing and mitigating them. The challenges get more complicated as the service itself passes geographical and national boundaries which create a completely new paradigm for security, risk, privacy, and more importantly cost implications. Social Engineering Attacks (SEAs) are example of those risks that are very attractive way for attackers for accessing classified data. There are certain constraints for employees when they use LAN. These limitations reduced greatly by the introduction of Cloud and off-site services. This allows attackers to use any compromised passwords from any web-connected device. This paper discusses main issues in migrating to a cloud environment by organisations regarding the human factors of SEAs threats and risks related concepts. The approach provides a set of recommendations for appropriate control actions to mitigate related risks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Pearson, S., Yee, G.: Privacy and Security for Cloud Computing. Springer, London (2013)
Alavi, R., Islam, S., Jahankhani, H., Al-Nemrat, A.: Analyzing human factors for an effective information security management system. Int. J. Secure Softw. Eng. (IJSSE) 4, 50–75 (2013)
Ryan, M.D.: Cloud computing security: the scientific challenge, and a survey of solutions. J. Syst. Softw. 86(9), 2263–2268 (2013)
Hogan, M., Sokol, A.: NIST cloud computing standards roadmap. In: Commerce, U.D.O. (ed.) National Institute of Standards and Technology (NIST) April 2014 (2011). http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909024
Alavi, R., Islam, S., Mouratidis, H.: A conceptual framework to analyze human factors of information security management system (ISMS) in organizations. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 297–305. Springer, Heidelberg (2014)
Yin, X., Yurcik, W., Treaster, M., Li, Y., Lakkaraju, K.: VisFlowConnect: netflow visualizations of link relationships for security situational awareness. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. Washington DC, USA, ACM (2004)
Maceachren, A.M., Jaiswal, A., Robinson, A.C., Pezanowski, S., Savelyev, A., Mitra, P., Zhang, X., BlanfordL, J.: SensePlace2: GeoTwitter analytics support for situational awareness. In: IEEE Conference on Visual Analytics Science and Technology (VAST), pp. 181–190. 23–28 Oct 2011, IEEE (2011)
Heiser, J., Nicolett, M.: Assessing the Security Risks of Cloud Computing, March 2014 (2008). http://www.gartner.com/id=685308
Lacey, D.: Managing the Human Factor in Information Security: How to win over staff and influence business managers. Wiley, New York (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Alavi, R., Islam, S., Mouratidis, H. (2015). Human Factors of Social Engineering Attacks (SEAs) in Hybrid Cloud Environment: Threats and Risks. In: Jahankhani, H., Carlile, A., Akhgar, B., Taal, A., Hessami, A., Hosseinian-Far, A. (eds) Global Security, Safety and Sustainability: Tomorrow's Challenges of Cyber Security. ICGS3 2015. Communications in Computer and Information Science, vol 534. Springer, Cham. https://doi.org/10.1007/978-3-319-23276-8_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-23276-8_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23275-1
Online ISBN: 978-3-319-23276-8
eBook Packages: Computer ScienceComputer Science (R0)