Role of Boards in Cybersecurity Risk Profiling: The Case of Bangladeshi Commercial Banks

Role of Boards in Cybersecurity Risk Profiling: The Case of Bangladeshi Commercial Banks

md_bazlur_rahman

Contact

Md. Bazlur Rahman

Contact

Tania Karim

Contact

Imtiaz Uddin Chowdhury

Contact

University of Chittagong

Role of Boards in Cybersecurity Risk Profiling: The Case of Bangladeshi Commercial Banks

Article Fingerprint

ReserarchID

TDN78

Role of Boards in Cybersecurity Risk Profiling: The Case of Bangladeshi Commercial Banks Banner

AI TAKEAWAY

Connecting with the Eternal Ground

Abstract

Cybercrime becomes costlier than physical crime in developed economies. As a result, it has become the top priority in governance issues in financial institutions. As a developing nation in Bangladesh, the banking sector faces multi-dimensional challenges to adopt IT applications in banking with cybercrime. The paper examines what the banking industry faces cyber security risks and how the board members contribute to identify and mitigate the risk. Through an in-depth interview among the directors of commercial banks in Bangladesh, we identified the possible cyber risk and prepared the risk profile describing the sources, implications, severity of impact, likelihood of occurrence and ranked them. The result shows that the IT governance risk, IT investment risk, and information risk are most critical among the significant cyber security risks. The results of the study have important implications for both corporate boards and policymakers.

References

34 Cites in Article

Reference Format

A Al-Hadi,M Hasan,A Habib (2016). Risk committee, firm life cycle, and market risk disclosures.
Christian Biener,Martin Eling,Jan Wirfs (2015). Insurability of Cyber Risk: An Empirical Analysis.
Rainer Böhme,Gaurav Kataria (2006). On the Limits of Cyber-Insurance.
J Cebula,L Young (2010). A taxonomy of operational cyber security risks.
Catherine Daily,Dan Dalton,Albert Cannella (2003). Corporate Governance: Decades of Dialogue and Data.
J Danielsson,M Fouche,R Macrae (2016). Cyber risk as systemic risk.
M Eling,J Wirfs (2016). Cyber risk: too big to insure? Risk transfer options for a mercurial risk class.
Dean Dwonczyk (2010). Enterprise Risk Management: Today's Leading Research and Best Practices for Tomorrow's Executives, John Fraser, Betty J. Simkins, John Wiley & Sons, 2010, 577pp. (hardback), £70.00. ISBN: 978-0-470-49908-5.
M Greisiger,I Allclear,F Ireland,P Cox (2013). https://inass.org/wp-content/uploads/2022/05/2022083131-2.pdf.
Edward Humphreys (2008). Information security management standards: Compliance, governance and risk management.
Wolfgang Kröger (2008). Critical infrastructures at risk: A need for a new conceptual approach and extended analytical tools.
(2016). The Handbook of Board Governance.
J Lewis,S Baker (2013). The economic impact of cybercrime and cyber espionage.
Alessandro Minichilli,Alessandro Zattoni,Fabio Zona (2009). Making Boards Effective: An Empirical Examination of Board Task Performance.
Arunabha Mukhopadhyay,Samir Chatterjee,Debashis Saha,Ambuj Mahanti,Samir Sadhukhan (2013). Cyber-risk decision models: To insure IT or not?.
Hulisi Öğüt,Srinivasan Raghunathan,Nirup Menon (2011). Cyber Security Risk Management: Public Policy Implications of Correlated Risk, Imperfect Ability to Prove Loss, and Observability of Self‐Protection.
Michael Parent,Balize Reich (2009). Governing Information Technology Risk.
Andrew Pettigrew (1992). On studying managerial elites.
(2013). Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age.
L Ponemon (2013). Cost of data breach study: Global analysis.
Shaun Posthumus,Rossouw Von Solms (2004). A framework for the governance of information security.
A Raghavan,L Parthiban (2014). The effect of cybercrime on a Bank's finances.
Ortwin Renn,Katherine Walker (2008). Lessons Learned: A Re-Assessment of the IRGC Framework on Risk Governance.
A Riem (2001). Cybercrimes of the 21st Century.
Maurizio Sajeva,Marcelo Masera (2006). A strategic approach to risk governance of critical infrastructures.
S Shackelford (2012). Should your firm invest in cyber risk insurance?.
Carol Siegel,Ty Sagalow,Paul Serritella (2002). Cyber-Risk Management: Technical and Insurance Controls for Enterprise-Level Security.
Chris Skelcher (2005). Jurisdictional Integrity, Polycentrism, and the Design of Democratic Governance.
K Smith,M Smith,J Smith (2011). Marketing and Finance.
J Straight (2015). The Role of the Board in Cybersecurity: 'Learn, Ensure, Inspect', Dark Reading.
Roger Tourangeau,Lance Rips,Kenneth Rasinski (2000). The Psychology of Survey Response.
Marjolein Van Asselt,Ortwin Renn (2011). Risk governance.
Andrew Whitman (2015). Is ERM Legally Required? Yes for Financial and Governmental Institutions, No for Private Enterprises.
G Wilshusen (2010). Iraq and Afghanistan : agencies face challenges in tracking contracts, grants, cooperative agreements, and associated personnel : testimony before the Subcommittee on oversight and investigations, Committee on Armed Services, House of Representatives / John P. Hutton..

Download References

Funding

No external funding was declared for this work.

Conflict of Interest

The authors declare no conflict of interest.

Ethical Approval

No ethics committee approval was required for this article type.

Data Availability

Not applicable for this article.

How to Cite This Article

md_bazlur_rahman. 2021. \u201cRole of Boards in Cybersecurity Risk Profiling: The Case of Bangladeshi Commercial Banks\u201d. Global Journal of Management and Business Research - A: Administration & Management GJMBR-A Volume 21 (GJMBR Volume 21 Issue A3).

More Citation Formats

Select Citation Style:

Download Citation

GJMBR Volume 21 Issue A3

Explore Journals Explore Volume Read This Issue

Journal Specifications

Crossref Journal DOI 10.17406/GJMBR

Print ISSN 0975-5853

e-ISSN 2249-4588

Keywords

Not Found

Classification

GJMBR-A Classification JEL Code: M10

Submission ReceivedSeptember 10, 2021
Peer Review Double Blind
Handling Editor
Accepted September 30, 2021
Published October 15, 2021

Version of record

v1.2

Issue date

April 5, 2021

Language

Experiance in AR

Explore published articles in an immersive Augmented Reality environment. Our platform converts research papers into interactive 3D books, allowing readers to view and interact with content using AR and VR compatible devices.

View in VR

Read in 3D

Your published article is automatically converted into a realistic 3D book. Flip through pages and read research papers in a more engaging and interactive format.

View in 3D

Article Matrices

Total Views: 2184

Total Downloads: 980

2026 Trends

Our website is actively being updated, and changes may occur frequently. Please clear your browser cache if needed. For feedback or error reporting, please email [email protected]