Abstract:

In 2023, 45.2% of companies in the EU purchased cloud computing services for hosting their e-mail systems, storing files in electronic form and using office software [1]. In Poland alone, compared to 2021, the use of cloud services by enterprises increased by 27 percentage points reaching 53%, including as many as 88.4% of large companies employing more than 250 people [2]. This trend is naturally consequence of dynamic development of digital technologies and e-services. Rapid and easy access to entire platforms enabling companies to initiate ITdriven business processes with minimal delay is one of the biggest advantages of cloud computing. Moreover, enterprises can provide their electronic services worldwide with minimal network latency regardless of where the users are located. The same applies to employees working remotely. In the European Union, 22.2% of people aged 15 to 64 usually or occasionally work from home [3]. Both remote and on-site employees use their account to login in to cloud environment, software and systems where companies’ resources are processed. They gain access to email and office software to create, store and share documents and files, as well as to communicate online. Although, this approach improves work efficiency and flexibility, it also exposes enterprises to additional risks. Systems and data stored and processed in cloud environments have become a valuable target for cybercriminals. The rise of cyber threats such as hacking, data breaches, phishing and ransomware has highlighted the need for robust security measures to protect cloud computing infrastructure and cloud data [4]. Once compromised, systems are frequently exploited as footholds for lateral movement and as platforms (e.g., botnets, phishing platform) to execute further attacks. Stolen or encrypted data may be used to blackmail victims, often by leaking the stolen information on the Internet. In addition, ransomware incidents can cause severe disruptions to business continuity and operational processes.