Unified Cybersecurity Risk Management Frameworks For Cloud And Ai-Powered Enterprises: A Literature Review And Research Gap Analysis

Abstract

Massive implementation of cloud computing and Artificial intelligence (AI) changed the landscape of enterprise operations and posed complicated cybersecurity threats. Conventional risk-based management models are incapable of keeping abreast with the dynamic and highly fluid nature of threats promoted by AI and cloud risks. The increasingly complex nature of cyber threat environment poses serious difficulties on the efficiency of the current cybersecurity risk management frameworks. In this paper, the author performs an in-depth study of the salient frameworks, such as ISO/IEC 27001, the NIST Cybersecurity Framework. Although these frameworks provide a systematic approach to information security, most institutions have found it challenging to implement the frameworks due to operational constraints, fast rate of technology changes, and complexity of the cyber threats like Advanced Persistent Threats (APTs). In addition, the use of a fix, past-oriented data tends to make such frameworks inefficient to combat new and real-time threats.