Developing Proactive Threat Mitigation Strategies for Cloud Misconfiguration Risks in Financial SaaS Applications

Olufunke Cynthia Metibemu; Temilade Oluwatoyin Adesokan-Imran; Adekunbi Justina Ajayi; Olufisayo Juliana Tiwo; Abayomi Titilola Olutimehin; Oluwaseun Oladeji Olaniyi

doi:10.9734/jerr/2025/v27i31442

Developing Proactive Threat Mitigation Strategies for Cloud Misconfiguration Risks in Financial SaaS Applications

Full Article - PDF Review History Discussion

Published: 2025-03-15

DOI: 10.9734/jerr/2025/v27i31442

Page: 393-413

Issue: 2025 - Volume 27 [Issue 3]

Olufunke Cynthia Metibemu *

Ekiti State University, Ado-Ekiti, Nigeria, Iworoko Road, PMB 5363, Ado-Ekiti, Ekiti State, Nigeria.

Temilade Oluwatoyin Adesokan-Imran

University of Ibadan, Oduduwa Road, 200132, Ibadan, Oyo, Nigeria.

Adekunbi Justina Ajayi

Obafemi Awolowo University, PMB 013, Ile-Ife, Osun State, Nigeria.

Olufisayo Juliana Tiwo

University of Lagos, University Road Lagos Mainland Akoka, Yaba, Lagos, Nigeria.

Abayomi Titilola Olutimehin

Royal Holloway University of London, Egham, Surrey. United Kingdom.

Oluwaseun Oladeji Olaniyi

University of the Cumberlands, 104 Maple Drive, Williamsburg, KY 40769, United States of America.

*Author to whom correspondence should be addressed.

Abstract

Cloud misconfigurations in financial Software-as-a-Service (SaaS) applications pose significant cybersecurity risks, leading to data breaches, financial losses, and reputational harm. This study utilizes data from the Cloud Security Alliance (CSA) Top Threats Dataset, Verizon Data Breach Investigations Report (DBIR), and the MITRE ATT&CK Framework to examine the causes and types of misconfigurations, analyze their financial impact, and evaluate the effectiveness of mitigation strategies. A Chi-Square Test for Independence, Ordinary Least Squares (OLS) Regression, and Kaplan-Meier Survival Analysis were employed to quantify these risks. Findings indicate that IAM errors (183 occurrences) and exposed APIs (156 occurrences) are the most frequent misconfigurations, with high-severity misconfigurations resulting in an average financial loss of $7.6M and regulatory fines of $2.5M. Implementation of Zero Trust Architecture, Cloud Security Posture Management (CSPM), and strict IAM controls reduced breach probability from 70% to 40%. This study examines cloud misconfigurations in financial SaaS applications using datasets from 2018 to 2024, providing a risk quantification of security threats and a financial impact assessment of breaches. Findings reveal that IAM errors and exposed APIs are the most frequent misconfigurations, causing severe financial losses. The effectiveness of Zero Trust and CSPM in reducing breach probability is analyzed. Future research should explore AI-driven security solutions for real-time misconfiguration detection and automated risk prevention in cloud environments. Recommendations include automating security controls, enforcing Zero Trust policies, integrating security training, and strengthening regulatory compliance.

Keywords: Cloud misconfigurations, financial saas security, zero trust architecture, cloud security posture management, regulatory compliance

How to Cite

Metibemu, Olufunke Cynthia, Temilade Oluwatoyin Adesokan-Imran, Adekunbi Justina Ajayi, Olufisayo Juliana Tiwo, Abayomi Titilola Olutimehin, and Oluwaseun Oladeji Olaniyi. 2025. “Developing Proactive Threat Mitigation Strategies for Cloud Misconfiguration Risks in Financial SaaS Applications”. Journal of Engineering Research and Reports 27 (3):393-413. https://doi.org/10.9734/jerr/2025/v27i31442.

Downloads

Download data is not yet available.