Exploring the level of information security in the South African banking industry

Abstract

The purpose of this study is to explore the level of information security among South African banks with the aim of determining the level of their resilience to cyberattacks and intrusions. The study employs a mixed approach that involves both quantitative and qualitative analyses of the responses obtained from a structured questionnaire used as the survey instrument. The questionnaire was distributed to some selected members of staff of the 17 licensed banks in South Africa saddled with the responsibilities of operation, customer service, management, and administration. In addition, non-parametric statistical analyses such as Fischer’s Exact and Chi-square tests, as well as Spearman’s correlation, were carried out. The outcome of this study indicated that the effectiveness of information security on customers’ service in the South African banking industry is assumed to be high. South African banks are deploying different anti-fraud technologies to strengthen the level of information security; however, there are still substantial cases of cyberfraud and unauthorised intrusions. The findings also indicate that the integration of forensic accounting and management control systems may promote information security in the banking industry. This study provided an insight into the impact of information security framework development to reduce systems’ vulnerability and intrusions.