| dc.description.abstract | Cybersecurity has emerged as a significant concern for organisations and the Information Communication Technology (ICT) domain during recent decades. An increase in the number of cyber threats and cyber-attacks has been observed recently, and an even sharper increase was noticed during the worldwide coronavirus (COVID-19) pandemic outbreak. Simultaneously, the complexity of the cyber-attacks being executed by threat actors has increased, and the scope and geographical location of the targets of threat actors have also widened to include critical infrastructure in all corners of the world. Commercial banks in South Africa have not been spared. This is because financial institutions are seen as valuable targets by cybercriminals and communicators of advanced persistent threats (APT) due to the nature of their business and the vast amounts of data they store. The study proposed a conceptual Cybersecurity Framework for Commercial Banks in South Africa. It proposed this by identifying the factors impeding commercial banks from developing their frameworks due to the challenges faced by the banks regarding cybersecurity from a South African perspective. The factors were identified using a mixed methods approach, with qualitative data collection facilitated through interviews with professionals within the banking domain in South Africa and quantitative data collected using a survey distributed to IT, risk, compliance, and governance professionals in commercial banks. The study identified seven factors contributing to establishing a cybersecurity framework for commercial banks. By addressing these factors, some of the challenges experienced by commercial banks regarding cybersecurity in the country can be addressed, which will improve the security posture of the organisations, internally and externally. | en_US |
