Cybersecurity Strategies to Mitigate Insider Threats in Multi-cloud Environments
摘要
Despite extensive research, insider threats remain a concern for financial services organisations in the cloud, evidenced by the increasing number of incidents globally. These threats result in significant data and financial losses. With the rising adoption of multi-cloud, organisations face added complexity in managing and securing their information systems (IS) due to disparate architecture, tools, and security policies. Given this complexity, this research explored how financial services organisations adapt their cybersecurity strategies to mitigate insider threats in multi-cloud environments. It used a qualitative single case study strategy, interviewing IT and security professionals at a South African financial services organisation. The data collected was analysed using thematic analysis, which produced several findings. The findings reveal that the cybersecurity strategy adaptations in multi-cloud focus on centralising and simplifying the management of environments while reducing the attack surface. This is enabled through the use of cloud-agnostic tools, governance, and training. In addition, the tools provide a comprehensive view of the environment through a single dashboard while enhancing monitoring capabilities. These measures collectively reduce the risk associated with misconfiguration, unauthorised access and inconsistency in multi-cloud. Consequently, this research confirms the importance of combining technical and non-technical controls to address malicious and non-malicious insider threats in multi-cloud, as highlighted in previous research on single clouds. Despite these adaptations, challenges remain, including the limitations of tools that support public but not private clouds and difficulties in getting employees to adopt the required training.