DOI: 10.1093/9780198972877.003.0083 ISSN:

Confidentiality, integrity, and availability in the cloud

Victoria Brasier

Abstract

Cloud computing has transformed how modern organizations deliver services, manage information, and scale operations, making it critical to business continuity. This dependency will grow with increasing artificial intelligence adoption. The high frequency of outages and data breaches caused by materialized cloud risks highlights the urgent need for more effective governance. This article will recommend to Executive Boards and risk leaders ways to protect business continuity using the governance principles of confidentiality, integrity, and availability (CIA) of information in the cloud. Drawing on recent incidents, regulatory developments, and established governance frameworks, the article maps key cloud computing risks with practical governance responses. Strong, accountable governance is the primary mechanism by which organisations can access the benefits of cloud, whilst controlling the risks. Business continuity and regulatory compliance require governance oversight to ensure that data, information, technology, and security management activities deliver both CIA protection and resilience. Even a single cloud misconfiguration can be exploited by malicious actors to compromise CIA, resulting in severe impacts for unprepared organisations. Artificial intelligence–related cloud risks are evolving rapidly, triggering new regulation and increased security spending. The complex geopolitical climate exacerbates these risks, making a governance response essential.

More from our Archive