About usPropertySmart CitiesProject managementEducation
AerospaceFuture of TaxCareers in Tech & EngineeringFuture of workSupporting SMEs
SportBusiness ResilienceNational Inclusion WeekEmployee WellbeingSTEM
FinanceEntrepreneurs & SMEsArtificial IntelligenceSupply Chains & LogisticsGaming & Esports
Life sciencesBusiness TravelDigital TransformationTransportRetail & E-Commerce
ManufacturingSupply ChainManaging Your MoneyBusiness TransformationHealthcare
EdTechApprenticeshipsSustainable BusinessSustainable LivingTransforming the Workplace
Client surveyRenewable Futures
Home » Cybersecurity & Cloud Computing 2025 » Why cloud security and protecting your data responsibly matter
Cybersecurity & Cloud Computing 2025

Why cloud security and protecting your data responsibly matter

Cloud Innovation: Embracing Digital Transformation in Modern Technology and Connectivity
Cloud Innovation: Embracing Digital Transformation in Modern Technology and Connectivity

Patrick Burgess

Member of BCS Information Security Specialist Group (ISSG) and Technical Director, Nutbourne Ltd

    Steve Sands

    Chair of BCS Information Security Specialist Group (ISSG)

      Most of us use cloud computing every day without realising it. Whether you are streaming, shopping, banking, travelling, checking your email or accessing NHS services, you’re using ‘the cloud.’

      As we continue to share increasing amounts of personal and private information, we should all start to care more about privacy and security and ask who is responsible for keeping it secure and available.

      Complex and convoluted supply chains

      The supply chains that provide online services we use daily have become extremely complex, and the companies providing them are largely invisible to the average user. We may assume that the company we sign up to is in full control, but this is almost never true. Services are built on top of each other, stacked like a tower. 

      We and others make assumptions about the cybersecurity, resilience and quality of the bricks further down the tower. The result is that service users are increasingly impacted by data breaches and service outages by organisations they have not heard of but have real-world impacts on their lives.

      The responsibility for data
      security sits squarely with
      the principal service provider.

      AI and data security

      Artificial intelligence (AI) is now everywhere, with some companies incorporating unproven technologies to keep up with the trend. Most of us simply don’t know (or probably care) what happens when we input information into an AI system. We’re unlikely to know how it’s used and stored. There are questions that we don’t think to ask but perhaps should. After all, it’s our information.

      Accountability through risk management

      With such reliance on third-party services and cloud computing, organisations using such platforms and services must manage them effectively. They need to truly understand ‘all the blocks in their tower’ and ensure effective risk management throughout their supply chain. We won’t stop using online services that improve our lives, but it would be good if we became more curious about how services are delivered. The responsibility for data security sits squarely with the principal service provider. They need to understand the cyber and privacy risks inherent in their own tower, down to the last brick, and build on solid foundations using recognised standards and frameworks.

      Author
      Patrick Burgess and Steve Sands
      Next
      Share Share
      Topics
      Cybersecurity & Cloud Computing 2025
      Next article