Research Article

Risk Assessment of Cyber Security in the Banking Sector

Authors

  • Sujoy Saha Master of Science in Business Analytics, (University of New Haven, CT, USA), Master of Science in Statistics, (National University, Bangladesh), Bachelor of Science in Statistics, (National University, Bangladesh)
  • Md. Shoeb Siddiki MBA in Data Analytics, (University of New Haven, CT, USA), Master of Business Administration (Dhaka International University, Bangladesh), Bachelor of Business Administration (Dhaka International University, Bangladesh)
  • Rabi Sankar Mondal Master of Science in Business Analytics, (University of New Haven, CT, USA), Master of Pharmacy (Jamia Hamdard, New Delhi, India), Bachelor of Pharmacy (Jamia Hamdard, New Delhi, India)
  • Md. Nazmul Alam Bhuiyan MBA in Data Analytics, (University of New Haven, CT, USA), Bachelor of Business Administration (East West University, Bangladesh)
  • Md. Kamruzzaman MBA in Data Analytics, (University of New Haven, CT, USA), Master of Business Administration, Accounting & Information Systems (University of Dhaka, Bangladesh), Master of Social Science, Political Science (National University, Bangladesh), Bachelor of Social Science, Political Science (National University, Bangladesh)

Abstract

This research investigates cyber security risk assessment practices in the banking sector, examining current methodologies, implementation challenges, and effectiveness in addressing evolving threats. Using a mixed-methods approach combining survey data from 128 financial institutions across 17 countries, in-depth case studies of six banks, and regulatory document analysis, the study offers a comprehensive evaluation of assessment maturity and outcomes. Findings reveal significant variations in implementation across different institution sizes, with large banks demonstrating consistently higher maturity across all assessment domains. Vulnerability assessment procedures show the strongest implementation (mean=3.87/5.0), while impact evaluation methodologies demonstrate lower maturity (mean=3.21/5.0). Statistical analysis confirms moderate to strong correlations between assessment maturity and improved security outcomes, including reduced incident detection times (r=-0.61) and lower financial losses (r=-0.59). Qualitative insights highlight persistent challenges in quantifying potential impacts, integrating third-party risks, and effectively utilizing threat intelligence. Based on empirical evidence, an enhanced assessment framework was developed incorporating business-aligned threat modeling, dynamic risk indicators, improved quantification methods, and supply chain risk integration. This research contributes to both theoretical understanding and practical implementation of financial sector security risk assessment, providing foundational knowledge for developing more resilient security postures in an environment of increasingly sophisticated cyber threats and complex digital ecosystems.

Article information

Journal

Journal of Business and Management Studies

Volume (Issue)

7 (4)

Pages

208-218

Published

2025-07-24

How to Cite

Sujoy Saha, Md. Shoeb Siddiki, Rabi Sankar Mondal, Md. Nazmul Alam Bhuiyan, & Md. Kamruzzaman. (2025). Risk Assessment of Cyber Security in the Banking Sector. Journal of Business and Management Studies, 7(4), 208-218. https://doi.org/10.32996/jbms.2025.7.4.12

Downloads

Views

39

Downloads

11

Keywords:

Cybersecurity, Risks, Banks Security, Financial Services Institutions Security