Impacts of information technology and risk management on cybersecurity governance: Empirical study on malaysian financial institutions Hasnan Suhaily1,2,*, Hamka Dayana3, Hussain Alfiatul Rohmah Mohamed1, Ali Mazurina Mohd1, Mohamad Maslinawati1, Gui Anderes4 1Faculty of Accountancy, Universiti Teknologi MARA, Cawangan Selangor Kampus, Puncak Alam, Selangor, Malaysia 2International School, Vietnam National University, Hanoi, Vietnam 3Bank Rakyat Malaysia, Kuala Lumpur, Malaysia 4School of Information Systems, Bina Nusantara University, Indonesia *Corresponding author: suhailyhasnan@uitm.edu.my (ORCID ID: 0000-0002-6050-8741)
Online Published on 19 January, 2024. Abstract Cybersecurity threats have successfully targeted financial institutions worldwide due to the increased connectivity of seamless and borderless financial services. Considering that criminals have employed more sophisticated methods to exploit the financial industry, financial institutions must adopt an integrated framework to counter the attacks and protect financial infrastructure from exploitation. The study examined cybersecurity governance by extending the Integrated System Theory (IST), including information technology (IT) governance and risk management (RM) governance. Questionnaires were distributed to Malaysian financial institutions through corporate social media platforms, email, and Google Form in November 2021. The questionnaire used a five-point Likert scale and comprised Section A which focused on the respondents’ demographic profile, while Section B emphasised the research construction. A total of 128 respondents participated within four weeks. Data obtained from the questionnaire was analysed for descriptive statistics, correlation, and regression analyses. Resultantly, IT governance and RM governance significantly and positively impacted cybersecurity governance. The study provides better insights to the practitioners, academicians, or researchers to identify which factors to be considered and emphasise before developing an integrated cybersecurity governance framework. Highlights • This paper is devoted to studying the factors influencing cybersecurity governance by extending the IST. • In the course of the study, the impacts of information technology governance and risk management governance on cybersecurity governance are explored. Top Keywords Information technology governance, Risk management governance, Cybersecurity governance, Integrated cybersecurity governance framework. Top |