Cloud Stewardship Economics: Securing the New Business Infrastructure

Our critical national infrastructure is increasingly dependent on information systems and the services they support. Cloud computing ecosystems of service providers and consumers including individuals, public bodies, SMEs, large enterprises, and governments will become a significant part of the way these services are provided, allowing more agile coalitions, cost savings and improved service delivery. Existing approaches to information security do not easily extend to this multiparty world and a step change in security attitudes and information stewardship will be essential. In the cloud, it will be harder to establish the risks and obligations and to determine appropriate responses. The aim is to establish new approaches to managing risk for all the ecosystem participants, regulators and policy makers. We will build on and extend the work on mathematical and economic models developed as part of the TSB funded ÔÇÿTrust EconomicsÔÇÖ project. Specifically, providing a modelling framework for exploring responsibilities, threats, defences, and incentives of the cloud stakeholders that will be used to provide tools for the prediction, communication and mitigation of risk to decision-makers.