Impacts of Information technology and Risk Management on Cybersecurity Governance: Empirical Study on Malaysian Financial Institutions

Abstract

"Cybersecurity threats have successfully targeted financial institutions worldwide due to the increased connectivity of seamless and borderless financial services. Considering that criminals have employed more sophisticated methods to exploit the financial industry, financial institutions must adopt an integrated framework to counter the attacks and protect financial infrastructure from exploitation. The study examined cybersecurity governance by extending the Integrated System Theory (IST), including information technology (IT) governance and risk management (RM) governance. Questionnaires were distributed to Malaysian financial institutions through corporate social media platforms, email, and Google Form in November 2021. The questionnaire used a five-point Likert scale and comprised Section A which focused on the respondents’ demographic profile, while Section B emphasised the research construction. A total of 128 respondents participated within four weeks. Data obtained from the questionnaire was analysed for descriptive statistics, correlation, and regression analyses. Resultantly, IT governance and RM governance significantly and positively impacted cybersecurity governance. The study provides better insights to the practitioners, academicians, or researchers to identify which factors to be considered and emphasise before developing an integrated cybersecurity governance framework."