Assessing cybersecurity awareness among bank employees: A multi-stage analytical approach using PLS-SEM, ANN, and fsQCA in a developing country context
{"title":"Assessing cybersecurity awareness among bank employees: A multi-stage analytical approach using PLS-SEM, ANN, and fsQCA in a developing country context","authors":"Razib Chandra Chanda , Ali Vafaei-Zadeh , Haniruzila Hanifah , Davoud Nikbin","doi":"10.1016/j.cose.2024.104208","DOIUrl":null,"url":null,"abstract":"<div><div>The financial sector is a prime target for cybercriminals which increases the need for banks to enhance employee cybersecurity awareness. This study examines the critical factors that enhance cybersecurity awareness among bank employees in the context of developing countries, focusing on Bangladesh. By collecting 355 valid responses through purposive sampling from bank employees across major districts, the research employs a multi-stage analytical approach that integrates Partial Least Squares Structural Equation Modeling (PLS-SEM), Artificial Neural Networks (ANN), and Fuzzy-set Qualitative Comparative Analysis (fsQCA). Findings reveal a positive correlation between response cost, information security awareness, knowledge of cyber threats, and employees' perceived threat and vulnerability, indicating their significance in shaping cybersecurity awareness. The study's methodological novelty lies in its combined use of linear and non-linear analytical techniques which optimize prediction accuracy and contribute to the robustness of cybersecurity awareness research. Its implications are vital for developing nations where technological dependence for safeguarding IT resources is critical. The outcomes highlight the need for an informed approach to cyber threat management and the promotion of cybersecurity awareness among bank employees as a shield against social engineering and other cyberattacks.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"149 ","pages":"Article 104208"},"PeriodicalIF":4.8000,"publicationDate":"2024-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824005145","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The financial sector is a prime target for cybercriminals which increases the need for banks to enhance employee cybersecurity awareness. This study examines the critical factors that enhance cybersecurity awareness among bank employees in the context of developing countries, focusing on Bangladesh. By collecting 355 valid responses through purposive sampling from bank employees across major districts, the research employs a multi-stage analytical approach that integrates Partial Least Squares Structural Equation Modeling (PLS-SEM), Artificial Neural Networks (ANN), and Fuzzy-set Qualitative Comparative Analysis (fsQCA). Findings reveal a positive correlation between response cost, information security awareness, knowledge of cyber threats, and employees' perceived threat and vulnerability, indicating their significance in shaping cybersecurity awareness. The study's methodological novelty lies in its combined use of linear and non-linear analytical techniques which optimize prediction accuracy and contribute to the robustness of cybersecurity awareness research. Its implications are vital for developing nations where technological dependence for safeguarding IT resources is critical. The outcomes highlight the need for an informed approach to cyber threat management and the promotion of cybersecurity awareness among bank employees as a shield against social engineering and other cyberattacks.
金融行业是网络犯罪分子的主要目标,因此银行更有必要提高员工的网络安全意识。本研究以孟加拉国为重点,探讨了在发展中国家提高银行员工网络安全意识的关键因素。通过对主要地区的银行员工进行有目的的抽样调查,收集了 355 份有效答卷,研究采用了多阶段分析方法,将偏最小二乘法结构方程建模(PLS-SEM)、人工神经网络(ANN)和模糊集定性比较分析(fsQCA)融为一体。研究结果表明,响应成本、信息安全意识、网络威胁知识以及员工感知到的威胁和脆弱性之间存在正相关,这表明它们在塑造网络安全意识方面具有重要意义。这项研究在方法上的新颖之处在于结合使用了线性和非线性分析技术,从而优化了预测的准确性,并有助于提高网络安全意识研究的稳健性。它对发展中国家的影响至关重要,因为这些国家在保护 IT 资源方面对技术的依赖程度很高。研究结果突出表明,有必要采取明智的方法进行网络威胁管理,并提高银行员工的网络安全意识,以抵御社会工程学和其他网络攻击。
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.