EFFECT OF TECHNOLOGICAL SECURITY CAPABILITY ON SECURE CLOUD ADOPTION AMONG KENYAN STATE CORPORATIONS
Keywords:
Technological Security Capability, Secure Cloud Adoption, State Corporations, Kenya, TOE Framework, PLS-SEM, Identity and Access Management, Cloud SecurityAbstract
Purpose of the Study: This study examined the effect of technological security capability on secure cloud adoption among Kenyan state corporations. Specifically, it assessed whether technological security measures, including identity and access management, encryption, security monitoring, incident response readiness, and vulnerability assessment, significantly influence the secure adoption of cloud computing within public sector institutions.
Methodology: The study adopted a quantitative cross-sectional survey design guided by the Technology–Organisation–Environment (TOE) framework. Data were collected using structured questionnaires from ICT decision-makers in Kenyan state corporations. Responses from 112 participants were analyzed using SPSS Version 29 and SmartPLS 4 through Partial Least Squares Structural Equation Modelling (PLS-SEM).
Findings: The findings revealed that technological security capability had a positive but statistically non-significant effect on secure cloud adoption (β = 0.303, t = 1.587, p = 0.057). State corporations reported moderate to high levels of technological security capability, with data encryption receiving the highest ratings and cyber incident response readiness the lowest. The results suggest that while technological security controls contribute to secure cloud adoption, they are insufficient on their own. Their effectiveness depends on complementary organisational capabilities, governance structures, operational competencies, and enabling digital infrastructure that collectively support secure implementation and management of cloud computing environments.
Conclusion: The study concludes that technological security capability is a necessary but insufficient determinant of secure cloud adoption among Kenyan state corporations. Sustainable adoption requires integrating technical security controls with organisational readiness, governance mechanisms, skilled personnel, and supportive infrastructure to achieve secure, resilient, and effective cloud computing implementation.
References
Alreemy, Z., Chang, V., Walters, R., & Wills, G. (2024). Critical success factors for cloud computing adoption in higher education institutions: A systematic review. Future Generation Computer Systems, 153, 128–147. https://doi.org/10.1016/j.future.2023.11.011
Amini, M., & Jahanbakhsh Imani, M. (2021). A systematic review of cloud computing adoption factors using TOE framework. International Journal of Information Management, 57, Article 102290. https://doi.org/10.1016/j.ijinfomgt.2020.102290
Anderson, J. C., & Gerbing, D. W. (1988). Structural equation modeling in practice: A review and recommended two-step approach. Psychological Bulletin, 103(3), 411–423. https://doi.org/10.1037/0033-2909.103.3.411
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., & Zaharia, M. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50–58. https://doi.org/10.1145/1721654.1721672
Chigada, J., & Madzinga, R. (2021). Cyberattacks and threats during COVID-19: A systematic literature review. South African Journal of Information Management, 23(1), Article a1277. https://doi.org/10.4102/sajim.v23i1.1277
Communications Authority of Kenya. (2023). Annual report 2022/2023: Cybersecurity statistics and trends. Communications Authority of Kenya. https://www.ca.go.ke/annual-report/
Faul, F., Erdfelder, E., Buchner, A., & Lang, A.-G. (2009). Statistical power analyses using G*Power 3.1: Tests for correlation and regression analyses. Behavior Research Methods, 41(4), 1149–1160. https://doi.org/10.3758/BRM.41.4.1149
Fornell, C., & Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39–50. https://doi.org/10.1177/002224378101800104
Gichubi, G., Muriira, G., & Kyalo, D. (2024). Cloud security incidents in Kenyan enterprises: Patterns, vulnerabilities, and mitigation strategies. Journal of Information Security and Applications, 82, Article 103723. https://doi.org/10.1016/j.jisa.2024.103723
Hair, J. F., Risher, J. J., Sarstedt, M., & Ringle, C. M. (2022). When to use and how to report the results of PLS-SEM (2nd ed.). European Business Review, 31(1), 2–24. https://doi.org/10.1108/EBR-11-2018-0203
Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4–5), 372–386. https://doi.org/10.1016/j.telpol.2012.04.011
Wachanga, A., & Ndiege, J. R. A. (2018, June 26). Adoption of Cloud Computing By Small and Medium Enterprises in Nairobi County, Kenya. ResearchGate;. https://www.researchgate.net/publication/325987790_Adoption_of_Cloud_Computing_By_Small_and_Medium_Enterprises_in_Nairobi_County_Kenya.
Nunnally, J. C., & Bernstein, I. H. (1994). Psychometric theory (3rd ed.). McGraw-Hill.
Oliveira, T., Thomas, M., & Espadanal, M. (2014). Assessing the determinants of cloud computing adoption: An analysis of the manufacturing and services sectors. Information & Management, 51(5), 497–510. https://doi.org/10.1016/j.im.2014.03.006
Podsakoff, P. M., MacKenzie, S. B., Lee, J.-Y., & Podsakoff, N. P. (2003). Common method biases in behavioral research: A critical review of the literature and recommended remedies. Journal of Applied Psychology, 88(5), 879–903. https://doi.org/10.1037/0021-9010.88.5.879
Reece, R., Manley, S., & Brooks, J. (2023). Multi-cloud security risks and mitigation strategies in government environments. Computers & Security, 128, Article 103157. https://doi.org/10.1016/j.cose.2023.103157
Tornatzky, L. G., & Fleischer, M. (1990). The processes of technological innovation. Lexington Books.
Zwilling, M., Klien, G., & Lesjak, D. (2022). Cybersecurity awareness, knowledge and behavior: A comparative study. Journal of Computer Information Systems, 62(1), 82–97. https://doi.org/10.1080/08874417.2020.1712269
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Samson Odhiambo, Jenu John, Nyakoni Omwando

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.