Journal Menu► ▼ Journal Menu
Journal Browser► ▼ Journal Browser
Special Issue "Cloud Security Risk Management"
Deadline for manuscript submissions: 1 April 2020.
“Information security is Information Risk Management”, proclaimed Dan Geer at the beginning of the century. After almost two decades, the design and development of effective risk-based management strategies for modern information systems, in particular with regard to cybersecurity threats, has proven to be still ridden with difficult technical and nontechnical challenges, like the insufficient adoption of quantitative risk assessment approaches, integration of security risk monitoring features with development and operation functions, or understanding of human errors leading to security incidents. The advent of cloud computing and its “as-a-Service” centralized nature has changed the scenario of modern information systems and applications, for both organizations and end-users, sometimes in unforeseen ways, for example with respect to data management and protection, the availability and accountability of online services, and even the advertising-based revenue model playing a key role in the current digital society. This evolution has also changed the risk landscape, introducing new threats, threat agents, and vectors. Cloud-based systems also introduced different, more complex, cause–effect relations between risks and the subjects possibly affected by their consequences. Similarly, risk mitigation solutions, for example, with respect to the role of assurance and certifications, are subject to changes in a cloud-based context. Overall, cloud security risk management needs innovative approaches (e.g., analysis methodologies, models, simulations) to take into account risks resulting from the technical infrastructure and risks emerging from the complex network of relations between services, data, and stakeholders. The typical dynamic nature of cloud infrastructures adds an additional layer of complexity to security risk management, in terms of monitoring of dynamic systems and networks. Recent important advances, like the integration between edge and cloud computing, are going to raise further the degree of complexity. Regulatory compliance, contractual obligations, and accountability are also important aspects to be considered. Authors are invited to submit papers tackling the technical or nontechnical problems and challenges posed by cloud security risk management.
Dr. Marco Cremonini
Manuscript Submission Information
Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.
Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.
Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.
- Risk assessment of cloud security risks
- Cloud security vulnerabilities and risk-based prioritization
- Risk in edge/cloud computing
- Systemic risk to cloud infrastructures
- Risk scenarios analyses and simulations
- Cloud security risk assurance
- Human and organizational errors
- Economics of cloud security risk management
- Legal and regulatory compliance challenges