An integrated cyber security risk management framework for online banking systems
Azura, Yiu Ting Yan and Azad, Muhammad Ajmal and Ahmed, Yussuf (2025) An integrated cyber security risk management framework for online banking systems. Journal of Banking and Financial Technology. ISSN 2524-7956
Preview |
Text
s42786-025-00056-3.pdf - Published Version Available under License Creative Commons Attribution. Download (1MB) |
Abstract
Online banking systems have become an integral part of our daily lives, offering access to financial services through Internet technologies and applications, however, as these systems grow in prevalence, they also introduce significant security and privacy challenges. These systems can be exposed to various cybersecurity threats that can result in data breaches, compromise of sensitive financial information, reputational damage, and significant operational disruptions. The existing model designed to ensure the security of consumers and service providers often fails to address the unique security and privacy challenges posed by banking environments. This paper proposes an integrated management framework based on threat and risk models, specifically designed for online banking systems. The framework incorporates a comprehensive risk management process and systematic assessment techniques while considering security features attributed to the banking environment, threat landscapes, and accessible information within the banking. During the threat identification and vulnerability analysis phases, potential attack scenarios and their possible impacts are evaluated using pre-defined procedures while considering the context. The assessment process quantifies cybersecurity risks, facilitating the appropriate mitigation strategies to address identified threats and risks. The framework’s applicability has been evaluated to determine its potential for effective real-world implementation in online banking systems. The evaluation addressed the security and privacy challenges of digital banking, and its ability to integrate with existing technologies and regulatory requirements.
| Item Type: | Article |
|---|---|
| Identification Number: | 10.1007/s42786-025-00056-3 |
| Dates: | Date Event 11 April 2025 Accepted 9 May 2025 Published Online |
| Uncontrolled Keywords: | Online banking, Banking security, Risk assessment and management |
| Subjects: | CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science |
| Divisions: | Architecture, Built Environment, Computing and Engineering > Computer Science |
| Depositing User: | Gemma Tonks |
| Date Deposited: | 20 Aug 2025 08:42 |
| Last Modified: | 20 Aug 2025 08:42 |
| URI: | https://www.open-access.bcu.ac.uk/id/eprint/16609 |
Actions (login required)
 |
View Item |
Tools
Tools
