Home // CLOUD COMPUTING 2019, The Tenth International Conference on Cloud Computing, GRIDs, and Virtualization // View article

Invisible Ubiquity - Cloud Security in UK Corporate Annual Reporting

Authors:
Bob Duncan
Mark Whittington

Keywords: FTSE100 companies; GDPR compliance; cloud forensic problem

Abstract:
The cloud is embedded in the operations of large businesses, who will understand the incentives in terms of cost reduction but also need to recognise, accept and mitigate the risks that come with adoption of an approach that brings in more actors and more opportunities for rogue interventions. We address the extent to which the five quoted UK banks, as an interesting sample of UK quoted corporates, inform their shareholders of the benefits and risks of cloud use through the traditional official medium of the annual report. There has been a rise in pressure, whether legal, quasi-legal or perceived best practice, to report significant risks to the business and it would be reasonable to assume that using the cloud might be such a risk. A study of the banks’ lengthy reports, with over 1,600 pages across the five reports for 2017, shows minimal mention of cloud as a risk, but the use of “cyber” as the term for, it seems, internet and computer risks of all kinds. The reports focus on directors overseeing and making themselves aware of risks with much of the language vague with key terms not defined. Standard Chartered, however, seems to take a different and, it is suggested, a more constructive approach than their peers.

Pages: 13 to 18

Copyright: Copyright (c) IARIA, 2019

Publication date: May 5, 2019

Published in: conference

ISSN: 2308-4294

ISBN: 978-1-61208-703-0

Location: Venice, Italy

Dates: from May 5, 2019 to May 9, 2019