Information Security in The Cloud Era: Strategies and Implementation
DOI:
https://doi.org/10.62872/40mq7e60Keywords:
cloud security, cybersecurity, digital governance, zero trustAbstract
Cloud computing has become a fundamental driver of global digital transformation, providing organizations with scalability, operational efficiency, and flexibility. However, the migration to cloud environments has also intensified cybersecurity challenges, including data breaches, misconfigurations, identity compromise, and evolving cyber-threats. This systematic literature review analyzes strategic and implementation approaches to cloud information security across multiple sectors. The study applies a structured methodology aligned with academic SLR standards to identify key security practices, technological controls, and governance frameworks. Findings reveal that effective cloud security requires a holistic model integrating Zero Trust Architecture, encryption, identity and access management, artificial intelligence-driven threat monitoring, and compliance with regulatory frameworks. Organizational readiness, human capability, and governance maturity significantly influence implementation outcomes. The study concludes that adaptive, multi-layer security models combined with continuous workforce development and regulatory harmonization are critical for building sustainable cloud resilience
Downloads
References
Abbas, A., Alroobaea, R., Krichen, M., Rubaiee, S., Vimal, S., & Almansour, F. M. (2024). Blockchain-assisted secured data management framework for health information analysis based on Internet of Medical Things. Personal and Ubiquitous Computing, 28(1), 59–72. https://doi.org/10.1007/s00779-021-01583-8
Abdulsalam, Y. S., & Hedabou, M. (2021). Security and Privacy in Cloud Computing: Technical Review. Future Internet, 14(1), 11. https://doi.org/10.3390/fi14010011
Adejumo, A. P., & Ogburie, C. P. (2025). The role of cybersecurity in safeguarding finance in a digital era. World Journal of Advanced Research and Reviews, 25(3), 1542–1556. https://doi.org/10.30574/wjarr.2025.25.3.0909
Adelusi, B. S., Ojika, F. U., & Uzoka, A. C. (2022). Advances in Cybersecurity Strategy and Cloud Infrastructure Protection for SMEs in Emerging Markets. Journal of Frontiers in Multidisciplinary Research, 3(1), 467–482. https://doi.org/10.54660/.JFMR.2022.3.1.467-482
Adeusi, O. C., Adebayo, Y. O., Ayodele, P. A., Onikoyi, T. T., Adebayo, K. B., & Adenekan, I. O. (2024). IT standardization in cloud computing: Security challenges, benefits, and future directions. World Journal of Advanced Research and Reviews, 22(3), 2050–2057. https://doi.org/10.30574/wjarr.2024.22.3.1982
Ahmad, W., Rasool, A., Javed, A. R., Baker, T., & Jalil, Z. (2021). Cyber Security in IoT-Based Cloud Computing: A Comprehensive Survey. Electronics, 11(1), 16. https://doi.org/10.3390/electronics11010016
Ahmadi, S. (2024). Systematic Literature Review on Cloud Computing Security: Threats and Mitigation Strategies. Journal of Information Security, 15(02), 148–167. https://doi.org/10.4236/jis.2024.152010
Alghofaili, Y., Albattah, A., Alrajeh, N., Rassam, M. A., & Al-rimy, B. A. S. (2021). Secure Cloud Infrastructure: A Survey on Issues, Current Solutions, and Open Challenges. Applied Sciences, 11(19), 9005. https://doi.org/10.3390/app11199005
Ang’udi, J. J. (2023). Security challenges in cloud computing: A comprehensive analysis. World Journal of Advanced Engineering Technology and Sciences, 10(2), 155–181. https://doi.org/10.30574/wjaets.2023.10.2.0304
Arumugam, K. J. (2025). Behind the Cloud: Uncovering Critical Security Threats. SSRN. https://doi.org/10.2139/ssrn.5160686
Baladari, V. (2024). ENHANCING PERFORMANCE AND SECURITY IN MULTI-CLOUD AND HYBRID-CLOUD ENVIRONMENTS. https://doi.org/10.5281/ZENODO.15020436
Bishukarma, R. (2023). Scalable Zero-Trust Architectures for Enhancing Security in Multi-Cloud SaaS Platforms. International Journal of Advanced Research in Science, Communication and Technology, 1308–1319. https://doi.org/10.48175/IJARSCT-14000S
Budiardjo, A., Nugroho, & Reksodiputro. (2019, October 30). Indonesia Issues Important New Regulation on Electronic (Network and Information) Systems. ABNR - Counsellors at Law. https://www.abnrlaw.com/news/indonesia-issues-important-new-regulation-on-electronic-network-and-information-systems
Chauhan, M., & Shiaeles, S. (2023). An Analysis of Cloud Security Frameworks, Problems and Proposed Solutions. Network, 3(3), 422–450. https://doi.org/10.3390/network3030018
Check Point Software Technologies Ltd. (2025, November 24). Cloud-based Cyberattacks Increased by 48% in 2022, as Hackers Continue to Leverage Digital Transformation. Global Security Mag Online. https://www.globalsecuritymag.com/Cloud-based-Cyberattacks-Increased-by-48-in-2022-as-Hackers-Continue-to.html
El-Bably, A. Y. (2021). Overview of the Impact of Human Error on Cybersecurity based on ISO/IEC 27001 Information Security Management. Journal of Information Security and Cybercrimes Research, 4(1), 95–102. https://doi.org/10.26735/WLPW6121
Eleweke, I., Umakor, M. F., Ndubuisi, C. W., Amomo, C. G., Adeniji, S., & Temidayo, M. (2025). Ai-Driven Threat Detection and Prevention in Cloud Computing Environments. American Journal of Innovation in Science and Engineering, 4(3), 49–56. https://doi.org/10.54536/ajise.v4i3.5041
Faisal, N. A., Nahar, J., Graduate Research Assistant, Department of Finance, Louisiana State University, Baton Rouge, Louisiana, USA, Sultana, N., Master in Management Information Systems, College of Business, Lamar University, Beaumont, USA, Mintoo, A. A., & Graduate student, School of Computer and Information Sciences, Washington University of Science and Technology (WUST), USA. (2024). Fraud Detection In Banking Leveraging Ai To Identify And Prevent Fraudulent Activities In Real-Time. Non Human Journal, 1(01), 181–197. https://doi.org/10.70008/jmldeds.v1i01.53
Gupta, N., Agrawal, R., & Arora, K. (2025). Cloud Computing in Healthcare: Risks and Security Measures. In R. Agrawal, P. S. Rathore, G. G. Devarajan, & R. R. Divivedi (Eds.), Artificial Intelligence and Cybersecurity in Healthcare (1st ed., pp. 221–242). Wiley. https://doi.org/10.1002/9781394229826.ch9
Hamza, R., Hassan, A., Ali, A., Bashir, M. B., Alqhtani, S. M., Tawfeeg, T. M., & Yousif, A. (2022). Towards Secure Big Data Analysis via Fully Homomorphic Encryption Algorithms. Entropy, 24(4), 519. https://doi.org/10.3390/e24040519
Hughes-Lartey, K., Li, M., Botchey, F. E., & Qin, Z. (2021). Human factor, a critical weak point in the information security of an organization’s Internet of things. Heliyon, 7(3), e06522. https://doi.org/10.1016/j.heliyon.2021.e06522
Husriadi, Muh., Bahar, H., & Windayani, W. (2024). CRITICAL REVIEW OF THE USE OF BLOCKCHAIN TECHNOLOGY IN IMPROVING MSME DATA TRANSPARENCY AND SECURITY. Journal of Finance, Economics and Business, 3(1), 53–60. https://doi.org/10.59827/jfeb.v3i1.107
Kadbe, P. K., Patil, B. H., Piske, R. S., & Patil, R. B. (2025). Malicious usage of artificial intelligence: Expansion of existing threats and novel threats. In Artificial Intelligence for Cyber Security and Industry 4.0. CRC Press.
Karagiannis, C., & Vergidis, K. (2021). Digital Evidence and Cloud Forensics: Contemporary Legal Challenges and the Power of Disposal. Information, 12(5), 181. https://doi.org/10.3390/info12050181
Katuk, N., Zaimy, N. A. ’ F., Krishnan, S., Kunhiraman, R. K., Lee, H.-H., & Eleyan, D. (2024). Fostering Cyber-Resilience in Higher Education: A Pilot Evaluation of a Malware Awareness Program for College Students. In N. H. Zakaria, N. S. Mansor, H. Husni, & F. Mohammed (Eds.), Computing and Informatics (Vol. 2002, pp. 154–167). Springer Nature Singapore. https://doi.org/10.1007/978-981-99-9592-9_12
Kaur, R., Gabrijelčič, D., & Klobučar, T. (2023). Artificial intelligence for cybersecurity: Literature review and future research directions. Information Fusion, 97, 101804. https://doi.org/10.1016/j.inffus.2023.101804
Khan, S. U., Khan, H. U., Ullah, N., & Khan, R. A. (2021). Challenges and Their Practices in Adoption of Hybrid Cloud Computing: An Analytical Hierarchy Approach. Security and Communication Networks, 2021, 1–20. https://doi.org/10.1155/2021/1024139
Kumar, K. J., Sai, K. A., Reddy, A. D., Daiwik Reddy, C. P., & Rajagopal, S. M. (2025). A Comprehensive End-to-End Solution for Web Security with Cryptography, Multi-Factor Authentication, and Secure Communication. 2025 3rd International Conference on Intelligent Data Communication Technologies and Internet of Things (IDCIoT), 325–332. https://doi.org/10.1109/IDCIOT64235.2025.10915145
MarketsandMarkets Research Pvt. Ltd. (2023, August 16). Public Cloud Market worth $987.7 billion by 2027, growing at a CAGR of 17.3 % Report by MarketsandMarketsTM. https://finance.yahoo.com/news/public-cloud-market-worth-987-140000910.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAADvhqxESU5ZytB14_YEcQdKXSW5dxIgxqZH9iXMoMsJUxKxKbGavMuFPeDVBG5v4EqzqkFkTfJwuCjcon30kaMkVmGYLyS_zGgAVXqsULQnKDoWaUsIpOw99arCOXM_F1UVhA5QXdb9FaErm-bspbvx9D2Sjz8PiLaa4khU6FmCn
Mortimer, J. (n.d.). Cybersecurity for Sustainable and Digital Economic Transformations.
Odetunde, A., Adekunle, B. I., & Ogeawuchi, J. C. (2022). Using Predictive Analytics and Automation Tools for Real-Time Regulatory Reporting and Compliance Monitoring. International Journal of Multidisciplinary Research and Growth Evaluation, 3(2), 650–661. https://doi.org/10.54660/.IJMRGE.2022.3.2.650-661
Oladosu, S. A., Ike, C. C., Adepoju, P. A., Afolabi, A. I., Ige, A. B., & Amoo, O. O. (2021). Advancing cloud networking security models: Conceptualizing a unified framework for hybrid cloud and on-premise integrations. Magna Scientia Advanced Research and Reviews, 3(1), 079–090. https://doi.org/10.30574/msarr.2021.3.1.0076
Pandya, U. (2025, May 18). Enhancing Cloud Security and Compliance through Artificial Intelligence: A Conceptual Framework. International Conference on Computer Science, Artificial Intelligence, Machine Learning [ICCSAIML’25]. International Conference on Computer Science, Artificial Intelligence, Machine Learning. https://doi.org/10.56472/ICCSAIML25-135
Rasner, G. C. (2021). Cybersecurity and Third-Party Risk: Third Party Threat Hunting. https://books.google.co.id/books?hl=en&lr=&id=mw8zEAAAQBAJ&oi=fnd&pg=PT6&dq=digital+supply+chain+attacks+have+increased+by+300%25+in+the+last+five+years,+with+many+cases+related+to+intrusions+into+third-party+systems+that+then+affect+end+users&ots=av5B5NEztB&sig=iJQVcWQPMqQ4YPHXcb_0KZa0IZE&redir_esc=y#v=onepage&q&f=false
Rawal, B. S., Manogaran, G., & Peter, A. (2023). Cybersecurity and Identity Access Management. Springer Nature Singapore. https://doi.org/10.1007/978-981-19-2658-7
Rawindaran, N., Jayal, A., & Prakash, E. (2021). Machine Learning Cybersecurity Adoption in Small and Medium Enterprises in Developed Countries. Computers, 10(11), 150. https://doi.org/10.3390/computers10110150
Richard Arogundade, O. (2023). Strategic Security Risk Management in Cloud Computing: A Comprehensive Examination and Application of the Risk Management Framework. IARJSET, 11(1). https://doi.org/10.17148/IARJSET.2024.11105
Rusydi, M. T. (2025). Cyber Law Policy Development: Indonesia’s Response to International Cybercrime Threats. Journal of Progressive Law and Legal Studies, 3(01), 69–85. https://doi.org/10.59653/jplls.v3i01.1365
Sahetapy, H., Halik, M. Y., Sino, H. W., & Bokau, J. R. S. (2025). Big Data and Artificial Intelligence: Implications and Strategies for Business Development in Indonesia. Journal of Marketing Management and Innovative Business Review, 3(1), 65–77. https://doi.org/10.63416/mrb.v3i1.321
Sam, D., Nithya, K., Kanmani, S. D., Sheeba, A., Ebenezer, A. S., Maheswari, B. U., & Amesh, J. D. (2023). Survey of risks and threats in online learning applications. In L. J. Deborah, P. Vijayakumar, B. B. Gupta, & D. Pelusi, Secure Data Management for Online Learning Applications (1st ed., pp. 31–47). CRC Press. https://doi.org/10.1201/9781003264538-2
Santos, A., Martins, J., Duarte Pestana, P., Gonçalves, R., São Mamede, H., & Branco, F. (2024). Factors Affecting Cloud Computing Adoption in the Education Context—Systematic Literature Review. IEEE Access, 12, 71641–71674. https://doi.org/10.1109/ACCESS.2024.3400862
Silitonga, M. S. (2023). The Public Sector’s Digital Skills Gap in Indonesia: The Challenges and Opportunities. Jurnal Good Governance, 70–79. https://doi.org/10.32834/gg.v19i1.585
Singh, U. K., & Sharma, A. (2021). Cloud Computing Security Framework Based on Shared Responsibility Models. In V. Bali, V. Bhatnagar, D. Aggarwal, S. Bali, & M. J. Diván, Cyber-Physical, IoT, and Autonomous Systems in Industry 4.0 (1st ed., pp. 39–55). CRC Press. https://doi.org/10.1201/9781003146711-3
Smita Verma. (2025). Cybersecurity compliance in the age of remote work: Challenges and solutions. World Journal of Advanced Engineering Technology and Sciences, 15(1), 1112–1120. https://doi.org/10.30574/wjaets.2025.15.1.0286
Stewart, H. (2023). Digital Transformation Security Challenges. Journal of Computer Information Systems, 63(4), 919–936. https://doi.org/10.1080/08874417.2022.2115953
Syed, N. F., Shah, S. W., Shaghaghi, A., Anwar, A., Baig, Z., & Doss, R. (2022). Zero Trust Architecture (ZTA): A Comprehensive Survey. IEEE Access, 10, 57143–57179. https://doi.org/10.1109/ACCESS.2022.3174679
Vashishth, T. K., Sharma, V., Sharma, K. K., Kumar, B., Chaudhary, S., & Panwar, R. (2025). Securing the Cloud: Strategies for Protecting Sensitive Patient Data in Cloud-Based Healthcare Recommender Systems. In S. P. Singh, D. K. Jain, & J. Debayle (Eds.), Healthcare Recommender Systems (pp. 185–220). Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-80056-6_9
Yusif, S., & Hafeez-Baig, A. (2021). A Conceptual Model for Cybersecurity Governance. Journal of Applied Security Research, 16(4), 490–513. https://doi.org/10.1080/19361610.2021.1918995
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Nyoman Gunantara (Author)
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
