Assessment of Cyber Security Risk Management Practices: Human factors, and implementation Challenges: In Case of Commercial Bank of Ethiopia (CBE) By; -
No Thumbnail Available
Date
2024-10
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
study evaluates the cyber security risk management practices, human factors affecting effectiveness of cyber security risk management and challenges faced by the Commercial Bank of Ethiopia (CBE). Cyber security risk management involves identifying, analyzing, evaluating, and addressing cyber security threats, and it is essential for safeguarding financial assets, preventing fraud, and maintaining trust in the banking system. The research identifies the existing cyber security risk management practices at CBE, the non-technical factors affecting their effectiveness, and the challenges encountered during their implementation.
The study used a quantitative research design to evaluate the issues and present practices through the use of statistical analyses and surveys. The study environment was created by staff members of the Commercial Bank of Ethiopia, and 66 study participants were chosen from the cyber security department using judgmental random sampling SPSS version 26 was used to conduct a quantitative analysis of the data obtained from an open-ended questionnaire, interviews, and a closed-ended questionnaire. Important conclusions show that although CBE has put strong security measures in place, like firewalls and antivirus programs, there are still big gaps in the processes for reporting cyber security issues and communicating with one another. Cyber security practices are not as effective when human variables such as security awareness, training, behavioral issues, and cognitive load are not taken into account. Leadership commitment and organizational security culture are also very important and significantly influence the effectiveness of these practices.
This research provides insights into the cyber security landscape of Ethiopian banks, highlighting areas for improvement and offering recommendations to enhance the overall cyber security posture of CBE. The findings are intended to inform the development and implementation of more robust cyber security frameworks within the Ethiopian banking industry, ensuring compliance with regulatory requirements and fostering trust and resilience in the digital era.
Keywords: Cyber security, risk management, human factors, non-technical factors, organizational culture, leadership.