Corporate Governance, Risk Appetite and Cloud Security Risk: A Little Known Paradox. How Do We Square the Circle?

Research output: Chapter in Book/Report/Conference proceedingConference contribution

42 Downloads (Pure)

Abstract

In today’s corporate world, the notion of corporate
governance has taken a more important role in the management
of large corporates. There is a growing consensus that large
corporates ought to take more of a stewardship approach to
running a company in a clear attempt to move away from the agency theory approach, with all its attendant problems and issues. A fundamental component of corporate governance concerns the adequate recognition of risk faced by the organisation and dealing with it appropriately. Traditional corporate IT risk is well understood, as are the mitigation strategies needed to address this important area. Large corporates also understand risk theory well, and how finding the right balance between risk and profitability is key to ensuring profitability can be maximised while ensuring long term sustainability and resilience are also achieved. We assert that the cloud computing paradigm, while economically attractive to corporates, provides such a step change from traditional IT paradigms, that new risks have evolved, which are not well understood, leading to the possibility of unintended exposure to these sometimes considerable risks. We propose a different approach to the quantification of these risks, which we believe will provide a more robust approach to understanding the potential exposure they face when using cloud.
Original languageEnglish
Title of host publicationEighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017)
EditorsCarlos Becker Westphall, Yong Woo Lee, Bob Duncan, Aspen Olmsted, Michael Vassilakopoulos, Costas Lambrinoudakis, Sokratis K. Katsikas, Raimund Ege
Place of PublicationAthens
PublisherIARIA
Pages139-144
Number of pages6
ISBN (Print)9781612085296
Publication statusPublished - 20 Feb 2017
EventThe Eighth International Conferences on Cloud Computing, GRIDs, and Virtualization - Athens, Greece
Duration: 19 Feb 201723 Feb 2017

Conference

ConferenceThe Eighth International Conferences on Cloud Computing, GRIDs, and Virtualization
Abbreviated titleCLOUD COMPUTING 2017
CountryGreece
CityAthens
Period19/02/1723/02/17

    Fingerprint

Keywords

  • Corporate governance
  • corporate stewardship
  • risk appetite
  • cloud security risk

Cite this

Duncan, B., Zhao, Y., & Whittington, M. (2017). Corporate Governance, Risk Appetite and Cloud Security Risk: A Little Known Paradox. How Do We Square the Circle? In C. B. Westphall, Y. W. Lee, B. Duncan, A. Olmsted, M. Vassilakopoulos, C. Lambrinoudakis, S. K. Katsikas, ... R. Ege (Eds.), Eighth International Conference on Cloud Computing, GRIDs, and Virtualization (CLOUD COMPUTING 2017) (pp. 139-144). [28008] Athens: IARIA.