Author(s): Adel Ismail Al-Alawi and Sara Abdulrahman Al-Bassam
Article publication date: 2019-12-01
Vol. 37 No. 4 (yearly), pp. 17-32.
734
Keywords
Cybersecurity Awareness, Top management support, Budget, Compliance, Culture, Crime, Banking sector, Bahrain, Cyber threats, Security risks, Training.
Abstract
The purpose of this paper is to identify the factors of cybersecurity awareness in the banking sector. Literature shows several gaps that both top management and cybersecurity professionals must close to construct a successful digital institution in the conviction- and assurance-based economy. These gaps indicate four factors, top management commitment and support; budgeting; cybersecurity compliance; and cybersecurity culture. Methodology: A quantitative approach is used with questionnaire analysis. A total of 109 Information Technology (IT) employees completed a self-administrated survey from six Bahraini Islamic retail banks and five Bahraini conventional commercial retail banks. Descriptive analysis with percentage and a simple mean-based ranking of indicators used to analyze the data. Findings reveal the highest mean is 4.28 for security compliance. The lowest mean for Cybersecurity Culture at 4.24 concludes that all the factors are significant for cybersecurity awareness. Respondents strongly agreed with the necessity of these factors in the banking sector. The research limitation due to the insufficient information in the literature regarding the proposed combination of factors recommended. Practical implications for policymakers and cybersecurity specialists: This study provides a vital factor that may help improve policies or guidelines for successful cybersecurity awareness in organizations. To recognize cyber threats, cyber-attacks impact, and how to diminish cyber risk and avoid cyber-crime penetrating their cyberspace. Originality/value fills a gap in the literature to construct a successful digital institution in the conviction- and assurance-based economy. This study helps managers direct and proceed with their daily activities, where maintaining the cybersecurity component is significant. A cybersecurity component is a defense and safeguards the firm’s financial information, intellectual properties, and reputation against unauthorized parties. Moreover, the cybersecurity component concerns the organization and the public individuals exposed to cyber threats through their electronic digital media such as smartphones, personal computers, and Internet protocol systems. However, there is insufficient literature on the proposed combination of factors recommended as factors relating to cybersecurity awareness in the banking sector.