Security Risk Assessment Models for Cloud-Based Financial Services in the FinTech Sector

Jessica Renee

Authors

Jessica Renee FinTech Cybersecurity Analyst, United States. Author

Keywords:

Cloud Security, FinTech, Risk Assessment, Cybersecurity, Cloud Computing, Financial Services, Threat Modeling, Vulnerability Management

Abstract

The integration of cloud computing into financial technology (FinTech) infrastructures has reshaped operational efficiency and customer engagement. However, it also introduces a multifaceted security risk landscape that demands robust assessment models. This paper evaluates current risk assessment methodologies tailored to cloud-based financial services, emphasizing their applicability in the FinTech domain. It critically examines both qualitative and quantitative approaches to security risk modeling, identifying strengths, limitations, and emerging trends. Through a literature review of works and an analysis of current frameworks, the paper aims to propose a structured evaluation matrix for effective risk identification and mitigation in cloud-based FinTech systems.

References

Mather, Tim, Subra Kumaraswamy, and Shahed Latif. Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. O’Reilly Media, 2009.

Zissis, Dimitrios, and Dimitrios Lekkas. "Addressing Cloud Computing Security Issues." Future Generation Computer Systems, vol. 28, no. 3, 2012, pp. 583–592.

Takabi, Hassan, James B. D. Joshi, and Gail-Joon Ahn. "Security and Privacy Challenges in Cloud Computing Environments." IEEE Security & Privacy, vol. 8, no. 6, 2010, pp. 24–31.

European Union Agency for Cybersecurity (ENISA). Cloud Computing Risk Assessment. ENISA Publications, 2010.

Cloud Security Alliance. Security Guidance for Critical Areas of Focus in Cloud Computing. Cloud Security Alliance, 2011.

Pratinav, A. (2025). Handling Long-Running Tasks in a Serverless Architecture. ISCSITR–International Journal of Cloud Computing (ISCSITR-IJCC), 6(5), 1–5. https://doi.org/10.63397/ISCSITR-IJCC_2025_06_05_001

Mell, Peter, and Tim Grance. The NIST Definition of Cloud Computing. National Institute of Standards and Technology, 2011.

Modarresi, Mohammad H., et al. “A Survey on Security Risk Assessment Methods in Cloud Computing.” Journal of Information Security and Applications, vol. 31, 2017, pp. 10–26.

Rosado, David G., et al. "Security Analysis in the Migration to Cloud Environments." Future Internet, vol. 4, no. 2, 2012, pp. 469–487.

Popović, Katarina, and Željko Hocenski. "Cloud Computing Security Issues and Challenges." Proceedings of the 33rd International Convention MIPRO, 2010, pp. 344–349.

Hashizume, Keiko, et al. "An Analysis of Security Issues for Cloud Computing." Journal of Internet Services and Applications, vol. 4, no. 1, 2013, pp. 1–13.

Subashini, Subashini, and Veeraruna Kavitha. "A Survey on Security Issues in Service Delivery Models of Cloud Computing." Journal of Network and Computer Applications, vol. 34, no. 1, 2011, pp. 1–11.

Chen, Deyan, and Hong Zhao. "Data Security and Privacy Protection Issues in Cloud Computing." International Conference on Computer Science and Electronics Engineering, 2012, pp. 647–651.