EFFECT OF TECHNOLOGICAL SECURITY CAPABILITY ON SECURE CLOUD ADOPTION AMONG KENYAN STATE CORPORATIONS

Authors

  • Samson Odhiambo Corresponding Author, Kenya Methodist University
  • Jenu John Lecturer, Kenya Methodist University, Department of Computer Science School of Science and Technology
  • Nyakoni Omwando Lecturer, Kenya Methodist University, Department of Computer Science School of Science and Technology

Keywords:

Technological Security Capability, Secure Cloud Adoption, State Corporations, Kenya, TOE Framework, PLS-SEM, Identity and Access Management, Cloud Security

Abstract

Purpose of the Study: This study examined the effect of technological security capability on secure cloud adoption among Kenyan state corporations. Specifically, it assessed whether technological security measures, including identity and access management, encryption, security monitoring, incident response readiness, and vulnerability assessment, significantly influence the secure adoption of cloud computing within public sector institutions.

Methodology: The study adopted a quantitative cross-sectional survey design guided by the Technology–Organisation–Environment (TOE) framework. Data were collected using structured questionnaires from ICT decision-makers in Kenyan state corporations. Responses from 112 participants were analyzed using SPSS Version 29 and SmartPLS 4 through Partial Least Squares Structural Equation Modelling (PLS-SEM).

Findings: The findings revealed that technological security capability had a positive but statistically non-significant effect on secure cloud adoption (β = 0.303, t = 1.587, p = 0.057). State corporations reported moderate to high levels of technological security capability, with data encryption receiving the highest ratings and cyber incident response readiness the lowest. The results suggest that while technological security controls contribute to secure cloud adoption, they are insufficient on their own. Their effectiveness depends on complementary organisational capabilities, governance structures, operational competencies, and enabling digital infrastructure that collectively support secure implementation and management of cloud computing environments.

Conclusion: The study concludes that technological security capability is a necessary but insufficient determinant of secure cloud adoption among Kenyan state corporations. Sustainable adoption requires integrating technical security controls with organisational readiness, governance mechanisms, skilled personnel, and supportive infrastructure to achieve secure, resilient, and effective cloud computing implementation.

DOI: https://doi.org/10.5281/zenodo.21215712

References

Alreemy, Z., Chang, V., Walters, R., & Wills, G. (2024). Critical success factors for cloud computing adoption in higher education institutions: A systematic review. Future Generation Computer Systems, 153, 128–147. https://doi.org/10.1016/j.future.2023.11.011

Amini, M., & Jahanbakhsh Imani, M. (2021). A systematic review of cloud computing adoption factors using TOE framework. International Journal of Information Management, 57, Article 102290. https://doi.org/10.1016/j.ijinfomgt.2020.102290

Anderson, J. C., & Gerbing, D. W. (1988). Structural equation modeling in practice: A review and recommended two-step approach. Psychological Bulletin, 103(3), 411–423. https://doi.org/10.1037/0033-2909.103.3.411

Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., & Zaharia, M. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50–58. https://doi.org/10.1145/1721654.1721672

Chigada, J., & Madzinga, R. (2021). Cyberattacks and threats during COVID-19: A systematic literature review. South African Journal of Information Management, 23(1), Article a1277. https://doi.org/10.4102/sajim.v23i1.1277

Communications Authority of Kenya. (2023). Annual report 2022/2023: Cybersecurity statistics and trends. Communications Authority of Kenya. https://www.ca.go.ke/annual-report/

Faul, F., Erdfelder, E., Buchner, A., & Lang, A.-G. (2009). Statistical power analyses using G*Power 3.1: Tests for correlation and regression analyses. Behavior Research Methods, 41(4), 1149–1160. https://doi.org/10.3758/BRM.41.4.1149

Fornell, C., & Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39–50. https://doi.org/10.1177/002224378101800104

Gichubi, G., Muriira, G., & Kyalo, D. (2024). Cloud security incidents in Kenyan enterprises: Patterns, vulnerabilities, and mitigation strategies. Journal of Information Security and Applications, 82, Article 103723. https://doi.org/10.1016/j.jisa.2024.103723

Hair, J. F., Risher, J. J., Sarstedt, M., & Ringle, C. M. (2022). When to use and how to report the results of PLS-SEM (2nd ed.). European Business Review, 31(1), 2–24. https://doi.org/10.1108/EBR-11-2018-0203

Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4–5), 372–386. https://doi.org/10.1016/j.telpol.2012.04.011

Wachanga, A., & Ndiege, J. R. A. (2018, June 26). Adoption of Cloud Computing By Small and Medium Enterprises in Nairobi County, Kenya. ResearchGate;. https://www.researchgate.net/publication/325987790_Adoption_of_Cloud_Computing_By_Small_and_Medium_Enterprises_in_Nairobi_County_Kenya.

Nunnally, J. C., & Bernstein, I. H. (1994). Psychometric theory (3rd ed.). McGraw-Hill.

Oliveira, T., Thomas, M., & Espadanal, M. (2014). Assessing the determinants of cloud computing adoption: An analysis of the manufacturing and services sectors. Information & Management, 51(5), 497–510. https://doi.org/10.1016/j.im.2014.03.006

Podsakoff, P. M., MacKenzie, S. B., Lee, J.-Y., & Podsakoff, N. P. (2003). Common method biases in behavioral research: A critical review of the literature and recommended remedies. Journal of Applied Psychology, 88(5), 879–903. https://doi.org/10.1037/0021-9010.88.5.879

Reece, R., Manley, S., & Brooks, J. (2023). Multi-cloud security risks and mitigation strategies in government environments. Computers & Security, 128, Article 103157. https://doi.org/10.1016/j.cose.2023.103157

Tornatzky, L. G., & Fleischer, M. (1990). The processes of technological innovation. Lexington Books.

Zwilling, M., Klien, G., & Lesjak, D. (2022). Cybersecurity awareness, knowledge and behavior: A comparative study. Journal of Computer Information Systems, 62(1), 82–97. https://doi.org/10.1080/08874417.2020.1712269

Published

2026-07-06

How to Cite

Odhiambo, S., John, J., & Omwando, N. (2026). EFFECT OF TECHNOLOGICAL SECURITY CAPABILITY ON SECURE CLOUD ADOPTION AMONG KENYAN STATE CORPORATIONS. Journal of Computer Science, Technology and Innovation (JCSTI), 3(2), 1–17. Retrieved from https://academicpubs.org/ojs33/index.php/JCSTI/article/view/116