Date of Award

8-11-2017

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Information Science

First Advisor

Ningning Wu

Abstract

In today’s world it seems that cyber hackers, cyber terrorists, and cyber activists make headlines almost every day. Information security has become a major concern for bankers from both a reputation and regulatory examination standpoint. Bank management is tasked to answer a litany of questions. Is my bank secure? What impact does this security have on productivity? What solutions are cost effective? What impact will a security breach have on my bank and respective customer base? Additionally, many bankers don’t have on-staff expertise to answer these questions. Having a framework where bankers can know how likely it is they will be breached, how much a breach will cost, and have the capability to know what the cost of mitigation or return on the security investment is an unfulfilled need in today’s banking world. This research will review a sampling of banks across a spectrum of asset sizes and employee capabilities. This research will help in the construction of a straight-forward, simple tool to evaluate the effectiveness of their current information and cyber security programs, know what the most likely risks are for their bank’s risk profile, understand the potential costs of those breaches, the cost of mitigating or controlling those risks, and a formula for the return on investment for each of those mitigations or controls. Finally, bank committees and management will have a tool to help make non-emotional, fact-based decisions and have the capability to create “what if” scenarios for both existing and new products and technologies.

Share

COinS