Social-media-based risk communication for data co-security on the cloud

Purpose: Cloud computing has disrupted the information technology (IT) industry. Associated benefits such as flexibility, payment on an on-demand basis and the lack of no need for IT staff are among the reasons for its adoption. However, these services represent not only benefits to users but also threats, with cybersecurity issues being the biggest roadblock to cloud computing success. Although ensuring data security on the cloud has been the responsibility of providers, these threats seem to be unavoidable. In such circumstances, both providers and users have to coordinate efforts to minimize negative consequences that might occur from these events. The purpose of this paper is to assess how providers and users can rely on social media to communicate risky events. Design/methodology/approach: Based on the Situational Theory of Publics and trust, the authors developed three research questions to analyze stakeholders’ communication patterns after a security breach. By gathering Twitter data, the authors analyzed the data security breach faced by the Premera Blue Cross’ Web application. Findings: The results indicate that Premera acted as the main source of information for Twitter users, while trustworthy actors such as IT security firms, specialists and local news media acted as intermediaries, creating small communities around them. Theoretical and practical implications are also discussed. Originality/value: Social media could be used for diffusing information of potential threats; no research has assessed its usage in a cloud-based security breach context. The study aims to fill this gap and propose a framework to engage cloud users in co-securing their data along with cloud providers when they face similar situations.