Corporate Governance, Risk Appetite and Cloud Security Risk

A Little Known Paradox. How Do We Square the Circle?

Research output: Chapter in Book/Report/Conference proceedingConference contribution

40 Downloads (Pure)

Abstract

In today’s corporate world, the notion of corporate
governance has taken a more important role in the management
of large corporates. There is a growing consensus that large
corporates ought to take more of a stewardship approach to
running a company in a clear attempt to move away from the agency theory approach, with all its attendant problems and issues. A fundamental component of corporate governance concerns the adequate recognition of risk faced by the organisation and dealing with it appropriately. Traditional corporate IT risk is well understood, as are the mitigation strategies needed to address this important area. Large corporates also understand risk theory well, and how finding the right balance between risk and profitability is key to ensuring profitability can be maximised while ensuring long term sustainability and resilience are also achieved. We assert that the cloud computing paradigm, while economically attractive to corporates, provides such a step change from traditional IT paradigms, that new risks have evolved, which are not well understood, leading to the possibility of unintended exposure to these sometimes considerable risks. We propose a different approach to the quantification of these risks, which we believe will provide a more robust approach to understanding the potential exposure they face when using cloud.
Original languageEnglish
Title of host publicationEighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017)
EditorsCarlos Becker Westphall, Yong Woo Lee, Bob Duncan, Aspen Olmsted, Michael Vassilakopoulos, Costas Lambrinoudakis, Sokratis K. Katsikas, Raimund Ege
Place of PublicationAthens
PublisherIARIA
Pages139-144
Number of pages6
ISBN (Print)9781612085296
Publication statusPublished - 20 Feb 2017
EventThe Eighth International Conferences on Cloud Computing, GRIDs, and Virtualization - Athens, Greece
Duration: 19 Feb 201723 Feb 2017

Conference

ConferenceThe Eighth International Conferences on Cloud Computing, GRIDs, and Virtualization
Abbreviated titleCLOUD COMPUTING 2017
CountryGreece
CityAthens
Period19/02/1723/02/17

Fingerprint

Corporate governance
Paradox
Risk appetite
Profitability
Paradigm
Agency theory
Mitigation
Stewardship
Risk theory
Resilience
Sustainability
Quantification
Cloud computing

Keywords

  • Corporate governance
  • corporate stewardship
  • risk appetite
  • cloud security risk

Cite this

Duncan, B., Zhao, Y., & Whittington, M. (2017). Corporate Governance, Risk Appetite and Cloud Security Risk: A Little Known Paradox. How Do We Square the Circle? In C. B. Westphall, Y. W. Lee, B. Duncan, A. Olmsted, M. Vassilakopoulos, C. Lambrinoudakis, S. K. Katsikas, ... R. Ege (Eds.), Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017) (pp. 139-144). [28008] Athens: IARIA.

Corporate Governance, Risk Appetite and Cloud Security Risk : A Little Known Paradox. How Do We Square the Circle? / Duncan, Bob; Zhao, Yuan; Whittington, Mark.

Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017). ed. / Carlos Becker Westphall; Yong Woo Lee; Bob Duncan; Aspen Olmsted; Michael Vassilakopoulos; Costas Lambrinoudakis; Sokratis K. Katsikas; Raimund Ege. Athens : IARIA, 2017. p. 139-144 28008.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Duncan, B, Zhao, Y & Whittington, M 2017, Corporate Governance, Risk Appetite and Cloud Security Risk: A Little Known Paradox. How Do We Square the Circle? in CB Westphall, YW Lee, B Duncan, A Olmsted, M Vassilakopoulos, C Lambrinoudakis, SK Katsikas & R Ege (eds), Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017)., 28008, IARIA, Athens, pp. 139-144, The Eighth International Conferences on Cloud Computing, GRIDs, and Virtualization, Athens, Greece, 19/02/17.
Duncan B, Zhao Y, Whittington M. Corporate Governance, Risk Appetite and Cloud Security Risk: A Little Known Paradox. How Do We Square the Circle? In Westphall CB, Lee YW, Duncan B, Olmsted A, Vassilakopoulos M, Lambrinoudakis C, Katsikas SK, Ege R, editors, Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017). Athens: IARIA. 2017. p. 139-144. 28008
Duncan, Bob ; Zhao, Yuan ; Whittington, Mark. / Corporate Governance, Risk Appetite and Cloud Security Risk : A Little Known Paradox. How Do We Square the Circle?. Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017). editor / Carlos Becker Westphall ; Yong Woo Lee ; Bob Duncan ; Aspen Olmsted ; Michael Vassilakopoulos ; Costas Lambrinoudakis ; Sokratis K. Katsikas ; Raimund Ege. Athens : IARIA, 2017. pp. 139-144
@inproceedings{b57efe39daa74168a3e6751771ac8f7c,
title = "Corporate Governance, Risk Appetite and Cloud Security Risk: A Little Known Paradox. How Do We Square the Circle?",
abstract = "In today’s corporate world, the notion of corporategovernance has taken a more important role in the managementof large corporates. There is a growing consensus that largecorporates ought to take more of a stewardship approach torunning a company in a clear attempt to move away from the agency theory approach, with all its attendant problems and issues. A fundamental component of corporate governance concerns the adequate recognition of risk faced by the organisation and dealing with it appropriately. Traditional corporate IT risk is well understood, as are the mitigation strategies needed to address this important area. Large corporates also understand risk theory well, and how finding the right balance between risk and profitability is key to ensuring profitability can be maximised while ensuring long term sustainability and resilience are also achieved. We assert that the cloud computing paradigm, while economically attractive to corporates, provides such a step change from traditional IT paradigms, that new risks have evolved, which are not well understood, leading to the possibility of unintended exposure to these sometimes considerable risks. We propose a different approach to the quantification of these risks, which we believe will provide a more robust approach to understanding the potential exposure they face when using cloud.",
keywords = "Corporate governance, corporate stewardship, risk appetite, cloud security risk",
author = "Bob Duncan and Yuan Zhao and Mark Whittington",
year = "2017",
month = "2",
day = "20",
language = "English",
isbn = "9781612085296",
pages = "139--144",
editor = "Westphall, {Carlos Becker} and Lee, {Yong Woo} and Bob Duncan and Aspen Olmsted and Michael Vassilakopoulos and Costas Lambrinoudakis and Katsikas, {Sokratis K.} and Raimund Ege",
booktitle = "Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017)",
publisher = "IARIA",

}

TY - GEN

T1 - Corporate Governance, Risk Appetite and Cloud Security Risk

T2 - A Little Known Paradox. How Do We Square the Circle?

AU - Duncan, Bob

AU - Zhao, Yuan

AU - Whittington, Mark

PY - 2017/2/20

Y1 - 2017/2/20

N2 - In today’s corporate world, the notion of corporategovernance has taken a more important role in the managementof large corporates. There is a growing consensus that largecorporates ought to take more of a stewardship approach torunning a company in a clear attempt to move away from the agency theory approach, with all its attendant problems and issues. A fundamental component of corporate governance concerns the adequate recognition of risk faced by the organisation and dealing with it appropriately. Traditional corporate IT risk is well understood, as are the mitigation strategies needed to address this important area. Large corporates also understand risk theory well, and how finding the right balance between risk and profitability is key to ensuring profitability can be maximised while ensuring long term sustainability and resilience are also achieved. We assert that the cloud computing paradigm, while economically attractive to corporates, provides such a step change from traditional IT paradigms, that new risks have evolved, which are not well understood, leading to the possibility of unintended exposure to these sometimes considerable risks. We propose a different approach to the quantification of these risks, which we believe will provide a more robust approach to understanding the potential exposure they face when using cloud.

AB - In today’s corporate world, the notion of corporategovernance has taken a more important role in the managementof large corporates. There is a growing consensus that largecorporates ought to take more of a stewardship approach torunning a company in a clear attempt to move away from the agency theory approach, with all its attendant problems and issues. A fundamental component of corporate governance concerns the adequate recognition of risk faced by the organisation and dealing with it appropriately. Traditional corporate IT risk is well understood, as are the mitigation strategies needed to address this important area. Large corporates also understand risk theory well, and how finding the right balance between risk and profitability is key to ensuring profitability can be maximised while ensuring long term sustainability and resilience are also achieved. We assert that the cloud computing paradigm, while economically attractive to corporates, provides such a step change from traditional IT paradigms, that new risks have evolved, which are not well understood, leading to the possibility of unintended exposure to these sometimes considerable risks. We propose a different approach to the quantification of these risks, which we believe will provide a more robust approach to understanding the potential exposure they face when using cloud.

KW - Corporate governance

KW - corporate stewardship

KW - risk appetite

KW - cloud security risk

M3 - Conference contribution

SN - 9781612085296

SP - 139

EP - 144

BT - Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017)

A2 - Westphall, Carlos Becker

A2 - Lee, Yong Woo

A2 - Duncan, Bob

A2 - Olmsted, Aspen

A2 - Vassilakopoulos, Michael

A2 - Lambrinoudakis, Costas

A2 - Katsikas, Sokratis K.

A2 - Ege, Raimund

PB - IARIA

CY - Athens

ER -