DESIGN OF A CONCEPTUAL FRAMEWORK FOR CYBERSECURITY CULTURE AMONGST ONLINE BANKING USERS IN NIGERIA
Keywords:Cybersecurity culture, Online banking, Human factors, Nigeria, Conceptual model.
This study aims to construct a comprehensive conceptual framework that elucidates the critical human factors influencing cybersecurity culture among online banking users in Nigeria. The research methodology is grounded in a meticulous examination of existing literature in the cybersecurity culture domain, serving as the foundation for this framework. The literature review reveals a conspicuous absence of academic research on cybersecurity culture within Nigeria and underscores the importance of comprehending its unique nuances. Key findings from the literature review highlight the prominence of “cybersecurity awareness,” “cybersecurity policy,” and “cybersecurity education” as influential factors. “Cybersecurity awareness” emerges as the most pivotal factor due to its recurrent emphasis and recognized centrality. “Cybersecurity policy” and “cybersecurity education” secure the second and third positions, respectively, due to their acknowledged significance in cultivating a security-conscious mindset among online banking users. Furthermore, the literature review exposes a research gap concerning the requisite “cybersecurity knowledge” that should permeate organizations and individuals to augment cybersecurity culture. Additionally, it reveals the underexplored influence of “social norms” and “interpersonal trust” in molding cybersecurity culture. This research accentuates the dearth of cybersecurity culture research within Nigeria and underscores the importance of understanding its unique facets. The proposed conceptual framework provides a valuable resource for designing tailored cybersecurity strategies and programs in Nigeria’s online banking sector. It advocates for prioritizing cybersecurity awareness, education, and policy, empowering users with the knowledge and skills needed to safeguard themselves against cyber threats. The model also highlights the relevance of recognizing the role played by social dynamics, interpersonal trust, and social norms in shaping cybersecurity behaviours.
Alshaikh, M. “Computers and Security Developing Cybersecurity Culture to Influence Employee Behavior: A Practice Perspective”, computer and security 98, 2020.
Wong, W. P., Hwee, C. T., Kim, H. T., and Ming, L. T. “Human Factors in Information Leakage: Mitigation Strategies for Information Sharing Integrity”, Industrial Management and Data Systems, 119(6): 1242–67, 2019.
Chowdhury, N. H., Marc, T. P., Adam, and Timm, T. “Time Pressure in Human Cybersecurity Behavior: Theoretical Framewo-rk and Countermeasures”, Computers & Security 97: 101963; 2020.
Conteh, N. Y., and Paul, J. S. “Cybersecurity: Risks, Vulnerabilities, and Countermeasures to Prevent Social Engineering Attacks”, International Journal of Advanced Computer Research 6(23): 31–38; 2016.
Kathryn, P., Butavicius, M., Delfabbro, P., and Lillie, M. “Predicting Susceptibility to Social Influence in Phishing Emails”, International Journal of Human-Computer Studies, 128: 17–26; 2019. https://doi.org/10.1016/j.ijhcs.2019.0 2.007
Karen, L., and Schneier, B. “Privacy Threats in Intimate Relationships”, Journal of Cybersecurity 6(1): 1–13; 2020.
Uchendu, B., Jason R. C., Nurse, Maria B., and Furnell, S. “Developing a Cyber Security Culture: Current Practices and Future Needs”, Computers and Security 109, 2021.
Muhamad, R., and Padjadjaran, U. “Cybersecurity Policy and Its Implementation in Indonesia”, Journal of ASEAN Studies, 2019.
Orehek, Š., and Gregor, P. “A Systematic Review of Scales for Measuring Information Security Culture”, Information & Computer Security, 2020.
Hallikainen, H., and Laukkanen, T. 2018. “National Culture and Consumer Trust in E-Commerce”, International Journal of Information Management, 38(1): 97–106; 2018. http://dx.doi.org/10.1016/j.ijinfomgt.201 7.07.002
Ameen, N. et al. “A Cyber Security Awareness and Education Framework for South Africa”, Journal of Physics: Conference Series 51(14): 103284, 2020. https://doi.org/10.1016/j.im.202 0.103284%0Ahttps://doi.org/10.1016/j.tele.2020.101415%0Ahttps://doi.org/10.1016/j.ijinfomgt.2020.102123%0Ahttps://doi.org/10.1016/j.chb.2020.106531
Griggio, C. F., Nouwens, M., McGrenere, J., and Mackay, W. E. 2019. “Augmenting Couples’ Communication with Lifelines: Shared Timelines of Mixed Contextual Information”, Conference on Human Factors in Computing Systems – Proceedings, 2019.
Inegbedion, H. E. 2018. “Factors That Influence Customers’ Attitude toward Electronic Banking in Nigeria”, Journal of Internet Commerce, 17(4): 325–38; 2018. https://doi.org/10.1080/15332861.2018.1463482
Huang, K., and Pearlson, K. “For What Technology Can’t Fix: Building a Model of Organizational Cybersecurity Culture”, Proceedings of the 52nd Hawaii International Conference on System Sciences, 2019; For 6398–6407
Georgiadou, A., Mouzakitis, S., Bounas, K., and Askounis, D. “A Cyber-Security Culture Framework for Assessing Organization Readiness”, Journal of Computer Information Systems, 00(00), 1–11; 2020. https://doi.org/10 .1080/08874417.2020.1845583
Sarjiyus, O., Oye, N. D., and Baha, B. Y. “Improved Online Security Framework for E-Banking Services in Nigeria: A Real-World Perspective”, Journal of Scientific Research and Reports, 23(1): 1–14; 2019.
Nasir, A., Arshah, R. A., and Ab Hamid, M. R. “Information security policy compliance behavior based on comprehensive dimensions of information security culture: A conceptual framework”, ACM International Conference Proceeding Series, Part F1282, 56–60; 2017. https://doi.org/10.1145/3077584.3077593
Triplett, W. “Establishing a Cybersecurity Culture Organization.” Acta Scientific COMPUTER SCIENCES 3(8): 44–49; 2021.
Mohammad, M., and Van Oorschot, P. C. “Security and Usability: The Gap in Real-World Online Banking”, Proceedings New Security Paradigms Workshop: 1–14; 2018.
Madugba, J. et al. “Effect of Electronic Banking on Financial Performance of Deposit Money Banks in Nigeria”, Banks and Bank Systems, 16(3): 71–83, 2021.
Gcaza, N. et al. “Cybersecurity Culture: An Ill-Defined Problem”, HAL open science (May 2017): 98–109; 2018.
Reegård, K. “The Concept of Cybersecurity Culture the Concept of Cybersecurity Culture”, Proceedings Ofthe 29th European Safety and Reliability Conference., 2019, October. https://doi.org/10.3850/978-981-11-2724-3
Muhamad, R., and Padjadjaran, U. 2019. “Cybersecurity Policy and Its Implementation in Indonesia”, Journal of ASEAN Studies, (February) 2019.
Veiga, A. da, Astakhova, L. V., Botha, A., and Herselman, M. “Defining organisational information security culture – Perspectives from academia and industry”, Computers and Security, 101713; 2020. https://doi.org/10.101 6/j.cose.2020.101713
Nasir, A., Journal, I., Nasir, A., Arshah, R. A., Rashid, M., Hamid, A., Fahmy, S., and Bakar, M. A. “Information Security Culture Model for Malaysian Organizations: A Review”, International Journal of Advanced Trends in Computer Science and Engineering, 1, 2020;
Ocloo, C. M., da Veiga, A., and Kroeze, J. (2021). “A Conceptual Information Security Culture Framework for Higher Learning Institutions”, IFIP Advances in Information and Communication Technology, 613, 63–80; 2021. https://doi.org/10.1007/978-3-030-81111-2_6
How to Cite
Copyright (c) 2023 Nigerian Journal of Technology
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
The contents of the articles are the sole opinion of the author(s) and not of NIJOTECH.
NIJOTECH allows open access for distribution of the published articles in any media so long as whole (not part) of articles are distributed.
A copyright and statement of originality documents will need to be filled out clearly and signed prior to publication of an accepted article. The Copyright form can be downloaded from http://nijotech.com/downloads/COPYRIGHT%20FORM.pdf while the Statement of Originality is in http://nijotech.com/downloads/Statement%20of%20Originality.pdf
For articles that were developed from funded research, a clear acknowledgement of such support should be mentioned in the article with relevant references. Authors are expected to provide complete information on the sponsorship and intellectual property rights of the article together with all exceptions.
It is forbidden to publish the same research report in more than one journal.