Shashank Singh

March 15, 2024

CS3340 Learning Journal Entry - Unit 7

Cyber Threats to Cloud Computing

In this unit, I delved into the intricate realm of cyber threats to cloud computing, which

proved to be both enlightening and concerning. One of the most interesting facts I learned is

the scale and impact of data breaches in cloud environments. The readings highlighted that

cybercriminals target organizations and individuals to exploit valuable data, which can lead to

significant financial losses, reputational damage, and legal implications (Bushkovskyi, 2019).

For instance, the 2017 Equifax data breach stands as one of the largest in history, where cyber

attackers exploited a vulnerability in a web application to gain unauthorized access to

sensitive personal information of approximately 147 million people. This breach not only

cost Equifax over $1 billion in settlements and recovery efforts but also severely tarnished its

reputation, demonstrating the real-world consequences of inadequate cloud security

measures.

I found this fact particularly noteworthy because it underscores the importance of robust

cybersecurity measures in safeguarding sensitive information stored in the cloud. Without

proper safeguards, organizations are vulnerable to various cyber threats, including data

breaches, malware attacks, and insider threats. The dynamic nature of these threats requires

continuous monitoring, threat intelligence gathering, and proactive security measures to

effectively mitigate risks and protect cloud environments.

The reason this fact stood out to me is because it underscores the evolving nature of cyber

threats and the critical need for organizations to stay vigilant and proactive in protecting their

data assets. As cloud adoption continues to soar, cybercriminals are constantly devising new
tactics and techniques to exploit vulnerabilities and gain unauthorized access to cloud

resources. Understanding the scale and impact of data breaches motivates me to delve deeper

into the intricacies of cybersecurity in cloud computing, including emerging threat vectors,

best practices for risk mitigation, and the latest technologies for threat detection and response.

In terms of further exploration, I plan to conduct in-depth research on specific case studies of

data breaches in the cloud, analysing the root causes, impact on affected organizations, and

lessons learned. By studying real-world examples, I aim to gain deeper insights into the

common vulnerabilities and weaknesses in cloud security posture, as well as identify

effective strategies for preventing and mitigating cyber threats.

Personal Experience with Cloud Computing and User Data Protection

Reflecting on my personal experience with cloud computing, I realize that I have been

leveraging cloud services extensively for various purposes, including data storage,

collaboration, and application hosting. While cloud computing offers unparalleled

convenience and scalability, it also raises significant concerns about user data protection and

privacy.

In my professional capacity, I have utilized cloud platforms such as Microsoft Azure and

Amazon Web Services (AWS) for deploying and managing enterprise applications. While

these platforms offer robust security features and compliance certifications, I am aware of the

inherent risks associated with storing sensitive data in the cloud, such as data breaches,

unauthorized access, and compliance violations (Hashmi, Ranjan, & Anand, 2018). For

instance, the Capital One data breach in 2019 exposed the personal information of over one

hundred million customers due to a misconfigured web application firewall in the AWS cloud

infrastructure. This incident underscored the importance of proper configuration management

and adherence to security best practices in cloud environments to prevent unauthorized access

and data exposure.

To mitigate these risks, I have implemented stringent access controls, encryption

mechanisms, and regular security audits to ensure the confidentiality, integrity, and

availability of data stored in the cloud. Additionally, I have closely monitored regulatory

requirements and industry standards to ensure compliance with data protection laws and

regulations (Yeluri & Leon, 2014). For example, the implementation of the General Data

Protection Regulation (GDPR) in the European Union has necessitated organizations to adopt

robust data protection measures, including data encryption, anonymization, and user consent

mechanisms, to ensure compliance with stringent privacy requirements.

Overall, my personal experience with cloud computing has reinforced the importance of

prioritizing user data protection and implementing comprehensive cybersecurity measures to

safeguard sensitive information in cloud environments.

References:

 Bushkovskyi, O. (2019, July 26). Cloud computing security risks in 2021, and how to

avoid them. The APP solutions. https://theappsolutions.com/blog/development/cloud-

security-risks/

 Hashmi, A., Ranjan, A., Anand, A. (2018, January 31). Security and compliance

management in cloud computing. International journal of advanced studies in computer

science and engineering IJASCSE. https://cutt.ly/8nIriNP

 Yeluri, R., & Leon, E.C. (2014, March 27). Identity management and control for clouds.

Building the infrastructure for cloud security, 141- 161.

https://link.springer.com/content/pdf/10.1007%2F978-1-4302-6146-9.pdf