МОНІТОРИНГ КІБЕРРИЗИКІВ У ФІНАНСОВОМУ СЕКТОРІ ЕКОНОМІКИ
Article Sidebar
Надіслано: 21-01-2025
Опубліковано: 30-06-2025
©, Авторські права належать авторам.
Ця стаття опублікована відповідно до стандартів відкритого доступу та розповсюджується за ліцензією Creative Commons Attribution 4.0 International (CC BY 4.0), яка дозволяє необмежене використання, розповсюдження та відтворення змісту на будь-якому носії, за умови зазначення оригінального автора та джерела.
Main Article Content
Анотація
Фінансовий сектор економіки є привабливим об’єктом для кібератак, оскільки виконує важливу роль посередництва в русі грошових коштів. Ця стаття присвячена моніторингові кіберризиків, які можуть упливати на функціонування електронних сервісів. Установлено, що в практичній царині кібератаки зростають за експонентою щороку, але й у науці приділяють значну увагу визначеній проблематиці, а саме – кіберризикам. У сучасному ринковому середовищі комунікаційна архітектура базується на тому, що фінансові установи є критично важливими для глобальної комерційної діяльності, а також операцій на місцевому, державному й міжнародному рівнях господарювання. Ключова мета роботи полягала у виявленні, класифікації та моніторингові кіберризиків, які спричинені й внутрішніми, і зовнішніми кіберзагрозами у фінансовому секторі.
За результатами дослідження встановлено, що кіберризики для фінансового сектора здебільшого стосуються: витоку даних клієнта або певної корпоративної інформації, фінансових втрат, вимушених перерв у роботі електронних сервісів і зрештою втрати репутаційного капіталу та взаємної довіри. Під час проведення бібліометричного аналізу виявлено наукові праці, у яких: охарактеризовано сутність, систематизовано методичний інструментарій, досліджено класифікації кіберризиків в умовах фінансової діяльності, а також визначено можливості їх подолання з метою забезпечення кіберстійкості. Запропоновано оригінальну матрицю взаємозв’язку між визначеними науковими кластерами та кіберризиками фінансової царини, що дозволить зупинитися на розвитку перспективних рішень щодо їх подолання.
Установи фінансового сектора економіки постійно потребують розробки рекомендацій щодо захисту від негативного впливу кіберризиків, оскільки досі користуються застарілими електронними системами, які не є стійкими до загроз можливих кібератак. Висновки підтверджують актуальність і важливість роботи з кіберризиками у фінансовій царині задля забезпечення стабільності роботи та підвищення довіри до електронних сервісів.
Article Details
Посилання
Abawajy, J. (2014). User preference of cyber security awareness delivery methods. Behaviour & information technology, 33 (3), 237-248. https://doi.org/10.1080/0144929X.2012.708787 DOI: https://doi.org/10.1080/0144929X.2012.708787
Ahmed, M., Alasad, Q., Yuan, J.S., & Alawad, M. (2024). Re-Evaluating Deep Learning Attacks and Defenses in Cybersecurity Systems. Big Data and Cognitive Computing, 8 (12), 191. https://doi.org/10.3390/bdcc8120191 DOI: https://doi.org/10.3390/bdcc8120191
Akyildirim, E., Conlon, T., Corbet, S., & Hou, Y.G. (2024). HACKED: Understanding the stock market response to cyberattacks. Journal of International Financial Markets, Institutions and Money, 97, 102082. https://doi.org/10.1016/j.intfin.2024.102082 DOI: https://doi.org/10.1016/j.intfin.2024.102082
Aldasoro, I., Gambacorta, L., Giudici, P., & Leach, T. (2020). Operational and cyber risks in the financial sector. International Journal of Central Banking, 341-402. https://www.ijcb.org/journal/ijcb23q5a8.pdf
Aleem, A., & Ryan Sprott, C. (2012). Let me in the cloud: analysis of the benefit and risk assessment of cloud platform. Journal of Financial Crime, 20 (1), 6-24. https://doi.org/10.1108/13590791311287337 DOI: https://doi.org/10.1108/13590791311287337
Altarturi, H.H., Saadoon, M., & Anuar, N.B. (2020). Cyber parental control: A bibliometric study. Children and Youth Services Review, 116, 105134. https://doi.org/10.1016/j.childyouth.2020.105134 DOI: https://doi.org/10.1016/j.childyouth.2020.105134
Andrew, J., & Baker, M. (2021). The general data protection regulation in the age of surveillance capitalism. Journal of Business Ethics, 168, 565-578. https://doi.org/10.1007/s10551-019-04239-z DOI: https://doi.org/10.1007/s10551-019-04239-z
Arora, P., & Jain, A. (2021, December). Cyber security threats and their solutions through deep learning: A bibliometric analysis. In 2021 3rd International Conference on Advances in Computing, Communication Control and Networking (ICAC3N) (pp. 1944-1949). IEEE. https://doi.org/10.1109/ICAC3N53548.2021.9725480 DOI: https://doi.org/10.1109/ICAC3N53548.2021.9725480
Bai, X. (2011). Predicting consumer sentiments from online text. Decision Support Systems, 50(4), 732-742. https://doi.org/10.1016/j.dss.2010.08.024 DOI: https://doi.org/10.1016/j.dss.2010.08.024
Biener, C., Eling, M., & Wirfs, J.H. (2014). Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance-Issues and Practice, 40, 131-158. https://doi.org/10.1057/gpp.2014.19 DOI: https://doi.org/10.1057/gpp.2014.19
Biletskyi, O., Kolesnyk, T., Shymanovska-Dianych, L., Spitsyna, A., Shkoda, M., & Krasnoshtan, O. (2024). Innovative management of integrated business structures in the financial mechanism of post-war recovery. Financial and Credit Activity: Problems of Theory and Practice, 6(59), 293-310. https://doi.org/10.55643/fcaptp. 6.59. 2024.4663
Biliavskyi, V., Biliavska, Y., Umantsiv, Y., Shestack, Y., Zhurba, O., & Khavanov, А. (2024). Digital technologies in the financial sector of the economy. Financial and credit activity problems of theory and practice, 4(57), 171-183. https://doi.org/10.55643/fcaptp.4.57.2024.444 DOI: https://doi.org/10.55643/fcaptp.4.57.2024.4444
Birindelli, G., & Iannuzzi, A.P. (2024). The Systemic Importance of Cyber Risk in Banks. In Systemic Risk and Complex Networks in Modern Financial Systems (pp. 301-321). Cham: Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-64916-5_16 DOI: https://doi.org/10.1007/978-3-031-64916-5_16
Bolbot, V., Kulkarni, K., Brunou, P., Banda, O.V., & Musharraf, M. (2022). Developments and research directions in maritime cybersecurity: A systematic literature review and bibliometric analysis. International Journal of Critical Infrastructure Protection, 39, 100571. https://doi.org/10.1016/j.ijcip.2022.100571 DOI: https://doi.org/10.1016/j.ijcip.2022.100571
Bongomin, G.O.C., & Ntayi, J.M. (2020). Mobile money adoption and usage and financial inclusion: mediating effect of digital consumer protection. Digital Policy, Regulation and Governance, 22 (3), 157-176. https://doi.org/10.1108/DPRG-01-2019-0005 DOI: https://doi.org/10.1108/DPRG-01-2019-0005
Boyce, B. (1997). Cyber extortion – The corporate response. Computers & Security, 16 (1), 25-28. https://doi.org/10.1016/S0167-4048(97)85784-7 DOI: https://doi.org/10.1016/S0167-4048(97)85784-7
Bozkus Kahyaoglu, S., & Caliyurt, K. (2018). Cyber security assurance process from the internal audit perspective. Managerial auditing journal, 33 (4), 360-376. https://doi.org/10.1108/MAJ-02-2018-1804 DOI: https://doi.org/10.1108/MAJ-02-2018-1804
Byatarayanapura Venkataswamy, S., Patil, K.S., Narayanaswamy, H.K., & Veerabadrappa, K. (2024). Access management based on deep reinforcement learning for effective cloud storage security. International Journal of System Assurance Engineering and Management, 1-20. https://doi.org/10.1007/s13198-024-02596-1 DOI: https://doi.org/10.1007/s13198-024-02596-1
Căciulescu, A. R., Rughiniș, R., Țurcanu, D., & Radovici, A. (2024). Mapping Cyber-Financial Risk Profiles: Implications for European Cybersecurity and Financial Literacy. Risks, 12 (12), 200. https://doi.org/10.3390/risks12120200 DOI: https://doi.org/10.3390/risks12120200
Chiaradonna, S., Jevtić, P., Lanchier, N., & Pesic, S. (2024). Framework for Cyber Risk Loss Distribution of Client‐Server Networks: A Bond Percolation Model and Industry Specific Case Studies. Applied Stochastic Models in Business and Industry, 40 (6), 1712-1733. https://doi.org/10.1002/asmb.2896 DOI: https://doi.org/10.1002/asmb.2896
Colabianchi, S., Bernabei, M., Costantino, F., Romano, E., & Falegnami, A. (2023). MARLIN Method: Enhancing Warehouse Resilience in Response to Disruptions. Logistics, 7 (4), 95. https://doi.org/10.3390/logistics7040095 DOI: https://doi.org/10.3390/logistics7040095
Colicchia, C., Creazza, A., & Menachof, D.A. (2018). Managing cyber and information risks in supply chains: insights from an exploratory analysis. Supply Chain Management: An International Journal, 24 (2), 215-240. https://doi.org/10.1108/SCM-09-2017-0289 DOI: https://doi.org/10.1108/SCM-09-2017-0289
Cremer, F., Sheehan, B., Fortmann, M., Kia, A.N., Mullins, M., Murphy, F., & Materne, S. (2022). Cyber risk and cybersecurity: a systematic review of data availability. The Geneva papers on risk and insurance. Issues and practice, 47 (1), 698. https://doi.org/10.1057/s41288-022-00266-6 DOI: https://doi.org/10.1057/s41288-022-00266-6
Dedeke, A., & Masterson, K. (2019). Contrasting cybersecurity implementation frameworks (CIF) from three countries. Information & Computer Security, 27 (3), 373-392. https://doi.org/10.1108/ICS-10-2018-0122 DOI: https://doi.org/10.1108/ICS-10-2018-0122
Eling, M., & Schnell, W. (2016). What do we know about cyber risk and cyber risk insurance? The Journal of Risk Finance, 17 (5), 474-491. https://doi.org/10.1108/JRF-09-2016-0122 DOI: https://doi.org/10.1108/JRF-09-2016-0122
Eling, M., McShane, M., & Nguyen, T. (2021). Cyber risk management: History and future research directions. Risk Management and Insurance Review, 24 (6), 93-125. https://doi.org/10.1111/rmir.12169 DOI: https://doi.org/10.1111/rmir.12169
Grimwade, M. (2023). The potential impacts of the digital revolution on the operational risk profiles of banks. Journal of Risk Management in Financial Institutions, 17 (1), 71-88. https://doi.org/10.69554/FFSP1788 DOI: https://doi.org/10.69554/FFSP1788
Hanif, Y., & Lallie, H.S. (2021). Security factors on the intention to use mobile banking applications in the UK older generation (55+). A mixed-method study using modified UTAUT and MTAM-with perceived cyber security, risk, and trust. Technology in Society, 67 (2), 101693. https://doi.org/10.1016/j.techsoc.2021.101693 DOI: https://doi.org/10.1016/j.techsoc.2021.101693
Harris, O., & Nguyen, T. (2024). Asset redeployability and the market reaction to cyberattacks. Finance Research Letters, 70 (2), 106278. https://doi.org/10.1016/j.frl.2024.106278 DOI: https://doi.org/10.1016/j.frl.2024.106278
Hashem, S. (2019). Towards a National Cybersecurity Strategy: The Egyptian Case. Journal of Systemics, Cybernetics and Informatics, 17 (3), 88-94. https://www.iiisci.org/journal/pdv/sci/pdfs/SA867CS19.pdf
Hurani, J., Abdel-Haq, M.K., & Camdzic, E. (2024). FinTech Implementation Challenges in the Palestinian Banking Sector. International Journal of Financial Studies, 12 (4), 122. https://doi.org/10.20944/preprints202411.0832.v1 DOI: https://doi.org/10.3390/ijfs12040122
Ivanov, D., Dolgui, A., & Sokolov, B. (2018). The impact of digital technology and Industry 4.0 on the ripple effect and supply chain risk analytics. International journal of production research, 57 (3), 829-846. https://doi.org/10.1080/00207543.2018.1488086 DOI: https://doi.org/10.1080/00207543.2018.1488086
Ivanov, D., Dolgui, A., Das, A., & Sokolov, B. (2019). Digital supply chain twins: Managing the ripple effect, resilience, and disruption risks by data-driven optimization, simulation, and visibility. Handbook of ripple effects in the supply chain, 309-332. https://doi.org/10.1007/978-3-030-14302-2_15 DOI: https://doi.org/10.1007/978-3-030-14302-2_15
Jerman-Blažič, B., & Borka, J. (2008). An economic modelling approach to information security risk management. International Journal of Information Management, 28 (5), 413-422. https://doi.org/10.1016/j.ijinfomgt.2008.02.002 DOI: https://doi.org/10.1016/j.ijinfomgt.2008.02.002
Kamiya, S., Kang, J. K., Kim, J., Milidonis, A., & Stulz, R.M. (2020). Risk management, firm reputation, and the impact of successful cyberattacks on target firms. Journal of Financial Economics, 139 (3), 719-749. https://doi.org/10.1016/j.jfineco.2019.05.019 DOI: https://doi.org/10.1016/j.jfineco.2019.05.019
Knowles, W., Prince, D., Hutchison, D., Disso, J.F.P., & Jones, K. (2015). A survey of cyber security management in industrial control systems. International journal of critical infrastructure protection, 9, 52-80. https://doi.org/10.1016/j.ijcip.2015.02.002 DOI: https://doi.org/10.1016/j.ijcip.2015.02.002
Li, H., Luo, X. R., Zhang, J., & Sarathy, R. (2017). Self-control, organizational context, and rational choice in Internet abuses at work. Information & Management, 55 (3), 358-367. https://doi.org/10.1016/j.im.2017.09.002 DOI: https://doi.org/10.1016/j.im.2017.09.002
Lois, P., Drogalas, G., Karagiorgos, A., & Tsikalakis, K. (2020). Internal audits in the digital era: opportunities risks and challenges. EuroMed Journal of Business, 15 (2), 205-217. https://doi.org/10.1108/EMJB-07-2019-0097 DOI: https://doi.org/10.1108/EMJB-07-2019-0097
Mahmud, M., Haq, I. U. et al. (2021). Information security in business: a bibliometric analysis of the 100 top cited articles. Library Philosophy and Practice, 1-49. https://digitalcommons.unl.edu/libphilprac/5354/
Mishna, F., Khoury-Kassabri, M., Gadalla, T., & Daciuk, J. (2012). Risk factors for involvement in cyber bullying: Victims, bullies and bully–victims. Children and Youth Services Review, 34 (1), 63-70. https://doi.org/10.1016/j.childyouth.2011.08.032 DOI: https://doi.org/10.1016/j.childyouth.2011.08.032
Mukhopadhyay, A., Chatterjee, S., Saha, D., Mahanti, A., & Sadhukhan, S.K. (2013). Cyber-risk decision models: To insure IT or not? Decision Support Systems, 56 (1), 11-26. https://doi.org/10.1016/j.dss.2013.04.004 DOI: https://doi.org/10.1016/j.dss.2013.04.004
Napetvaridze, V., & Chochia, A. (2019). Cybersecurity in the Making–Policy and Law: a Case Study of Georgia. International & Comparative Law Review/Mezinárodní a Srovnávací Právní Revue, 19 (2), 155-180. https://doi.org/10.2478/iclr-2019-0019 DOI: https://doi.org/10.2478/iclr-2019-0019
Ng, A.W., & Kwok, B.K. (2017). Emergence of Fintech and cybersecurity in a global financial centre: Strategic approach by a regulator. Journal of Financial Regulation and Compliance, 25 (1), 422-434. https://doi.org/10.1108/JFRC-01-2017-0013 DOI: https://doi.org/10.1108/JFRC-01-2017-0013
Nobanee, H., Alodat, A., Bajodah, R., Al-Ali, M., & Al Darmaki, A. (2023). Bibliometric analysis of cybercrime and cybersecurity risks literature. Journal of Financial Crime, 30 (6), 1736-1754. https://doi.org/10.1108/JFC-11-2022-0287 DOI: https://doi.org/10.1108/JFC-11-2022-0287
Nordwall, B.D. (1997). Cyber threats place infrastructure at risk. Aviation Week & Space Technology, 146 (27), 51-51.
Osho, O., & Onoja, A. D. (2015). National cyber security policy and strategy of Nigeria: a qualitative analysis. International Journal of Cyber Criminology, 9 (1), 120. https://doi.org/10.5281/zenodo.22390
Osiyevskyy, О., Umantsiv, Y., & Biliavska, Y. (2023). Digital Ecosystem: A Mechanism of Economic Organization of Enterprises of the Future. Rutgers Business Review, 8 (2), 175-194. https://ekmair.ukma.edu.ua/server/api/core/bitstreams/d200b6b0-97fd-4083-a75a-ea77c0d4214a/content
Özgün Atalay, M., Erdem Tunç, Y., & Ceren Erkengel, H. (2023). Cyber-Spirituality in the Workplace. In Spirituality Management in the Workplace: New Strategies and Approaches (pp. 359-382). Emerald Publishing Limited. https://doi.org/10.1108/978-1-83753-450-020231016 DOI: https://doi.org/10.1108/978-1-83753-450-020231016
Panetta, I.C., & Leo, S. (2024). Systemic Cyber Risk in the Financial Sector: Can Network Analysis Assist in Identifying Vulnerabilities and Improving Resilience? In Systemic Risk and Complex Networks in Modern Financial Systems (pp. 133-153). Cham: Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-64916-5_8 DOI: https://doi.org/10.1007/978-3-031-64916-5_8
Parn, E.A., & Edwards, D. (2019). Cyber threats confronting the digital built environment: Common data environment vulnerabilities and block chain deterrence. Engineering, Construction and Architectural Management, 26 (2), 245-266. https://doi.org/10.1108/ECAM-03-2018-0101 DOI: https://doi.org/10.1108/ECAM-03-2018-0101
Petratos, P.N. (2021). Misinformation, disinformation, and fake news: Cyber risks to business. Business Horizons, 64 (4), 763-774. https://doi.org/10.1016/j.bushor.2021.07.012 DOI: https://doi.org/10.1016/j.bushor.2021.07.012
Phair, N. (2024). Cyberwashing: The disconnect between cyber security claims and real practices. Journal of Risk Management in Financial Institutions, 18 (1), 76-83. https://doi.org/10.69554/CDCM7958 DOI: https://doi.org/10.69554/CDCM7958
Radanliev, P., & De Roure, D. (2021). Epistemological and bibliometric analysis of ethics and shared responsibility-health policy and IoT systems. Sustainability, 13 (15), 8355. https://doi.org/10.3390/su13158355 DOI: https://doi.org/10.3390/su13158355
Rahman, M.M., Pokharel, B.P., Sayeed, S.A., Bhowmik, S.K., Kshetri, N., & Eashrak, N. (2024). riskAIchain: AI-Driven IT Infrastructure-Blockchain-Backed Approach for Enhanced Risk Management. Risks, 12 (12), 206. https://doi.org/10.3390/risks12120206 DOI: https://doi.org/10.3390/risks12120206
Rajapathirana, R.J., & Hui, Y. (2017). Relationship between innovation capability, innovation type, and firm performance. Journal of Innovation & Knowledge, 3 (1), 44-55. https://doi.org/10.1016/j.jik.2017.06.002 DOI: https://doi.org/10.1016/j.jik.2017.06.002
Rampášek, M., Mesarčík, M., & Andraško, J. (2025). Evolving cybersecurity of AI-featured digital products and services: Rise of standardisation and certification? Computer Law & Security Review, 56, 106093. https://doi.org/10.1016/j.clsr.2024.106093 DOI: https://doi.org/10.1016/j.clsr.2024.106093
Rees, L.P., Deane, J.K., Rakes, T.R., & Baker, W.H. (2011). Decision support for cybersecurity risk planning. Decision Support Systems, 51 (3), 493-505. https://doi.org/10.1016/j.dss.2011.02.013 DOI: https://doi.org/10.1016/j.dss.2011.02.013
Sawik, T. (2013). Selection of optimal countermeasure portfolio in IT security planning. Decision Support Systems, 55 (1), 156-164. https://doi.org/10.1016/j.dss.2013.01.001 DOI: https://doi.org/10.1016/j.dss.2013.01.001
Shackelford, S.J. (2012). Should your firm invest in cyber risk insurance? Business Horizons, 55 (4), 349-356. https://doi.org/10.1016/j.bushor.2012.02.004 DOI: https://doi.org/10.1016/j.bushor.2012.02.004
Shestack, Y., Biliavska, Y., Osetskyi, V., Mykytenko, N., & Umantsiv, Y. (2023). Devising a comprehensive method to manage digital competencies. Eastern-European Journal of Enterprise Technologies, 3 (13), 86–97. https://doi.org/10.15587/1729-4061.2023.281933 DOI: https://doi.org/10.15587/1729-4061.2023.281933
Srinidhi, B., Yan, J., & Tayi, G.K. (2015). Allocation of resources to cyber-security: The effect of misalignment of interest between managers and investors. Decision Support Systems, 75 (6), 49-62. https://doi.org/10.1016/j.dss.2015.04.011 DOI: https://doi.org/10.1016/j.dss.2015.04.011
Stewart, H., & Jürjens, J. (2018). Data security and consumer trust in FinTech innovation in Germany. Information & Computer Security, 26 (1), 109-128. https://doi.org/10.1108/ICS-06-2017-0039 DOI: https://doi.org/10.1108/ICS-06-2017-0039
Strange, R., & Zucchella, A. (2017). Industry 4.0, global value chains and international business. Multinational Business Review, 25 (4), 174-184. https://doi.org/10.1108/MBR-05-2017-0028 DOI: https://doi.org/10.1108/MBR-05-2017-0028
Udofia, E. (2024). A human-centric approach to cyber risk mitigation. In the Art of Cyber Defense (pp. 241-259). CRC Press. DOI: https://doi.org/10.1201/9781032714806-17
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & security, 38, 97-102. https://doi.org/10.1016/j.cose.2013.04.004 DOI: https://doi.org/10.1016/j.cose.2013.04.004
Whitty, M.T. (2019). Predicting susceptibility to cyber-fraud victimhood. Journal of Financial Crime, 26 (1), 277-292. https://doi.org/10.1108/JFC-10-2017-0095 DOI: https://doi.org/10.1108/JFC-10-2017-0095
Ziniuk, M., Dyeyeva, N., Bogatyrova, K., Melnychenko, S., Fayvishenko, D., & Shevchun, M. (2022). Digital Transformation of Corporate Governance. Financial and Credit Activity Problems of Theory and Practice, 5 (46), 300–310. https://doi.org/10.55643/fcaptp.5.46.2022.3807 DOI: https://doi.org/10.55643/fcaptp.5.46.2022.3807