Citation:

Chaitanya Vootkuri, 2023. "Measuring Cloud Security Maturity: A Hybrid Approach Combining AI and Automation", ESP Journal of Engineering & Technology Advancements 3(1): 213-223.

Abstract:

The recent advancement in cloud technologies has led to quick adaptation in business processes, but however has presented new risks to security. Organisations that want to safeguard against risk, enhance compliance and guarantee that their company has sound protection must be able to assess cloud security maturity. Generally speaking, traditional frameworks presuppose archaic, non-intelligent evaluations that do not consider dynamics of the cloud space. This paper aims at carrying out an assessment of cloud security maturity through the AI-automated Cloud Security Maturity Model (CSMM). The methodology combines artificial intelligence-driven analytics with automation to constantly analyze an organization’s cloud security position. Some of them include threat identification in real-time, analytical forecasts, and regulatory compliance tests, in order to prevent hackers and secure compliance with new rules. A comparison is done with other globally established frameworks such as the Cloud Security Alliance (CSA) Cloud Controls Matrix and the NIST Cybersecurity Framework. This paper does reference several examples to support the organizational performance with regard to response time improvement, cuts in manual work, and decision making based on AI automation. And it makes recommendations on how to facilitate the hybrid model to succeed stressing on the human resource quality and dynamical structures of governance. It has introduced a new more flexible approach to measure cloud security maturity and tailored it to stay relevant in the modern challenging environment.

References:

[1] Deb, M., & Choudhury, A. (2021). Hybrid cloud: A new paradigm in cloud computing. Machine learning techniques and analytics for cloud security, 1-23.

[2] Sengupta, S., Kaulgud, V., & Sharma, V. S. (2011, July). Cloud computing security--trends and research directions. In 2011 IEEE World Congress on Services (pp. 524-531). IEEE.

[3] Radwan, T., Azer, M. A., & Abdelbaki, N. (2017). Cloud computing security: challenges and future trends. International Journal of Computer Applications in Technology, 55(2), 158-172.

[4] Paxton, N. C. (2016, November). Cloud security: a review of current issues and proposed solutions. In 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC) (pp. 452-455). IEEE.

[5] Zero Trust Architecture: The Future of Cybersecurity, online. https://www.linkedin.com/pulse/zero-trust-architecture-future-cybersecurity-mukund-chaudhary--glcwc

[6] Kulkarni, G., Gambhir, J., Patil, T., & Dongare, A. (2012, June). A security aspect in cloud computing. In 2012 IEEE International Conference on Computer Science and Automation Engineering (pp. 547-550). IEEE.

[7] Popović, K., & Hocenski, Ž. (2010, May). Cloud computing security issues and challenges. In The 33rd International Convention Mipro (pp. 344-349). IEEE.

[8] What is the Cloud Maturity Model: Guide For Successful Cloud Adoption, Bacancy, online. https://www.bacancytechnology.com/blog/cloud-maturity-model

[9] Van Der Aalst, W. M. (2021). Hybrid Intelligence: to automate or not to automate is the question. International Journal of Information Systems and Project Management, 9(2), 5-20.

[10] Hagemann, S., Sünnetcioglu, A., & Stark, R. (2019). Hybrid artificial intelligence system for the design of highly automated production systems. Procedia Manufacturing, 28, 160-166.

[11] Czako, Z., Sebestyen, G., & Hangan, A. (2021). AutomaticAI–A hybrid approach for automatic artificial intelligence algorithm selection and hyperparameter tuning. Expert Systems with Applications, 182, 115225.

[12] Agarwal, A., Siddharth, S., & Bansal, P. (2016, March). Evolution of cloud computing and related security concerns. In 2016 Symposium on Colossal Data Analysis and Networking (CDAN) (pp. 1-9). IEEE.

[13] McKay, M. (2012, May). Best practices in automation security. In 2012 IEEE-IAS/PCA 54th Cement Industry Technical Conference (pp. 1-15). IEEE.

[14] Mohammad, S. M., & Surya, L. (2018). Security automation in Information technology. International journal of creative research thoughts (IJCRT)–Volume, 6.

[15] Anwar, Z., & Campbell, R. (2008). Automated assessment of compliance with security best practices. In Critical Infrastructure Protection II 2 (pp. 173-187). Springer US.

[16] O'Grady, N. (2021). Automating security infrastructures: Practices, imaginaries, politics. Security Dialogue, 52(3), 231-248.

[17] Maddireddy, B. R., & Maddireddy, B. R. (2020). Proactive Cyber Defense: Utilising AI for Early Threat Detection and Risk Assessment. International Journal of Advanced Engineering Technologies and Innovations, 1(2), 64-83.

[18] Achieving cloud excellence with cloud maturity models, IBM, online. https://www.ibm.com/think/topics/cloud-maturity-model

[19] Celik, M. (1992). Overview of compaction data analysis techniques. Drug development and industrial pharmacy, 18(6-7), 767-810.

[20] Ramos, A., Lazar, M., Holanda Filho, R., & Rodrigues, J. J. (2017). Model-based quantitative network security metrics: A survey. IEEE Communications Surveys & Tutorials, 19(4), 2704-2734.

Keywords:

Cloud Security, Artificial Intelligence (AI), Automation, Threat Detection, Compliance, Governance.