Cyber security risk assessment for determining threats and countermeasures for banking systems
Keywords:
Cyber security, Risk Assessment, Threats, Attacks, Countermeasures, multi-factor authentication (MFA).
Abstract
As digital banking services continue to expand rapidly, banking systems have become prime targets for increasingly sophisticated cyber threats. This study presents a comprehensive cybersecurity risk assessment of modern banking systems through the analysis of ten peer-reviewed studies published between 2021 and 2025. The assessment identifies major threats, including phishing, malware, distributed denial-of-service (DDoS) attacks, insider threats, and ATM fraud, and classifies the key vulnerabilities they exploit, such as weak authentication mechanisms, outdated software, insecure system integrations, and inadequate endpoint protection. Furthermore, the study highlights a range of technical and organizational countermeasures, including multi-factor authentication (MFA), regular patch management, anomaly detection techniques, and user awareness training programs. A structured mapping between threats, vulnerabilities, and corresponding countermeasures is provided to support effective risk mitigation strategies. The findings underscore the critical need for layered security defenses, proactive monitoring, and continuous risk assessment to enhance cybersecurity resilience in the banking sector.