Enhancing Financial Cybersecurity in Cloud Engineering: A Systematic Review of Threats, Mitigation Strategies and Regulatory Compliance
Omoshalewa Anike Adeosun *
University of South Wales, Newport, UK.
Adepeju Deborah Bello
Barclays Bank, UK.
Oreoluwa Abimbola Serifat
Nexford University, USA.
Clifford Godwin Amomo
Stephen F. Austin State University, USA.
*Author to whom correspondence should be addressed.
Abstract
Aims: This review analyses the intersection of cloud engineering and cybersecurity in the financial sector, highlighting how advanced cloud technologies can improve defences against cyber threats for safe evolution. The aim is to examine modern methodologies, frameworks, and technologies that enhance financial cybersecurity through cloud-based solutions.
Methodology: A comprehensive literature review methodology is employed to assess existing studies that explore prevalent trends and challenges based on peer-reviewed articles, technical reports, and industry case studies. A total of 16 papers and case studies were selected for their relevance and methodological robustness.
Result and Discussion: It thoroughly discusses the methods used for risk evaluation of data breach, phishing attacks, and ransomware, employing the principles of cloud engineering: scalability, elasticity, and automation. The review has further pointed out that financial institutions using cloud technologies are subjected to some critical cybersecurity threats, including data breaches, insider threats, and vulnerabilities that emanate from hybrid and multi-cloud environments. The paper finds that advanced mitigation techniques (such as a zero trust architecture, AI-driven fraud detection, blockchain, and Infrastructure as Code (Iac) provide solid approaches to boost cloud security. DevSecOps, microservices, automated CI/CD pipelines and other such secure cloud engineering practices are becoming adopted to boost resilience and compliance in a cloud infrastructure. Additionally, the reasons why it is essential to stick to the cloud security practices are being discussed and imposed on common regulations like GDPR, PCI-DSS, for instance, ISO/IEC.
Conclusion and Recommendations for Future Research: Finally, the review recommends that future research should focus on developing AI-driven security orchestration platforms, enhancing cloud governance models, and exploring socio-technical aspects of cybersecurity. Additionally, it advocates for an empirical investigation into the economic and operational impacts of device cloud-type transformations over time.
Keywords: Regulatory compliance, financial cybersecurity, cloud engineering, zero trust architecture, risk management, secure cloud infrastructure