Arseam

International Journal of E Government & E Business Research

CYBERSECURITY AUDITS AND THE MITIGATION OF CYBER-ATTACKS OF SELECTED COMPANIES IN NIGERIA

Sunny Biobele Beredugo

Sunny Biobele Beredugo : Lecturer, Department of Accounting Margaret Lawrence University, Ika-North East, Delta State-Nigeria, 321108 https://orcid.org/0000-0002-5676-6799

DOI : https://doi.org/10.53882/IJEGEBR.2024.0901003 Page No : 19-35

Published Online : 2024-06-30

Download Full Article : PDF Check for Updates

ABSTRACT

Aim of the Study: The study is dedicated to addressing two critical questions: Can cyber security audits effectively reduce cybercrimes in Nigeria? And, is the use of cyber security tools to mitigate cyber-attacks by the financial sector significantly different from that of the non-financial sectors in Nigeria?

Design/Methodology: The survey design was used to collect information from 125 respondents, cutting across the regional headquarters of 32 selected companies in the South-West and the North-West regions in Nigeria as a means to explore the aim of the study through ordinary least square and independent t-tests analysis.

Findings: The results show that cyber security audit can assist in averting cybercrime. The result also indicated that there is no significant difference in the cyber security tools used, between the financial and non-financial sectors in mitigating cyber-attacks in Nigeria.

Practical implications: The study demonstrates that integrating cyber security audits into companies' practices can significantly reduce vulnerability to cyber-attacks. By incorporating cyber security tools into audit plans and regularly evaluating their operational effectiveness, Nigerian firms can fortify their defences against potential threats.

Originality/value: The study delved into whether the use of cyber security tools in curbing cyber-attacks in the financial sector differs significantly from that in the non-financial sectors in Nigeria. The research conclusively demonstrated that organisations armed with robust cyber security audit architecture can effectively repel all cyber threats and attacks.

Keywords: cyber security audit, cyber-attacks, encryption tools, web vulnerability scanning.

Paper type: Research paper.

REFERENCES

Beredugo S B, Akhuamheokhun C I & Ekpo B. (2021). Credit Risk Management and Loan Recovery in Nigeria deposit money Bank. International Journal of Trend in Scientific Research and Development (IJTSRD), 5(2),1181-1186. Retrieved From: https://www.ijtsrd.com/papers/ijtsrd38430.pdf
Beredugo, S. B. (2021). Determinants of Earnings Response Coefficient in the Nigerian Post-IFRS Implementation Era. Asian Journal of Economics, Business and Accounting 21(7), 24-31, DOI: http://dx.doi.org/10.9734/ajeba/2021/v21i730399
Beredugo, S. B. (2021).International Public Sector Accounting Standards (IPSAS) Implementation and Financial Reporting: Issues and Challenges in South-East Nigeria, 1(1), 1-11. DOI: http://dx.doi.org/10.47747/jat.v1i1.405
Beredugo, S. B. Inah, E. U. & Edom, G. O. (2014). Appraisal of Forensic Investigation and Auditors’ Liability: Empirical Evidence from Nigeria. The International Journal of Business &Management, 2(4), 226-270. Retrieved From: https://www.internationaljournalcorner.com/index.php/theijbm/article/view/137738
Beredugo, S. B., Azubike, J. U. B. & Mefor, I. P (2019). Addressing Tax Evasion and Avoidance through Effective Tax Audit and Investigation in Cross River State, Nigeria. International Journal of Research and Scientific Innovation. 6(6), 65-69. Retrieved From: https://www.rsisinternational.org/journals/ijrsi/digital-library/volume-6-issue-6/65-69.pdf
Beredugo, S. B., Igbeng, E. I. & Eze, F. J. (2013). The Significance of International Corporate Governance Disclosures on Financial Reporting in Nigeria, International Journal of Business and Management. 8(8), 100-108.DOI: http://dx.doi.org/10.5539/ijbm.v8n8p100
Bhargava, R (2021). Cyber Crime and Cyber Security in Madhya Pradesh. NJESR, 2(8), 53-62.DOI: http://dx.doi.org/10.53571/NJESR 2021.2.8.53-61
Boehm, J., Curcio N., Merrath, P., Shenton, L. & Stahle, T., (2019). The risk-based approach to cybersecurity. McKinsey’s Our Insights. Retrieved From https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/the-risk-based-approach-to-cybersecurity
Central Bank of Nigeria (CBN) (2022). Issuance of risk-based cybersecurity framework and guidelines for other financial institutions (OFIs). Central Bank of Nigeria Publications.
Chaudhuri, A. & Kahyaoglu, B. S. (2023). Cybersecurity assurance in smart cities: a risk management perspective. EDPACS, 67(4), 1–22. DOI: https://doi.org/10.1080/07366981.2023.2165293
Claypole, A. (2nd May, 2021). The COSO ERM framework explained. Retrieved fromhttps://www.ideagen.com/thought-leadership/blog/the-coso-erm-framework-explained
Clubb, A. C. & Hinkle, J. C. (2015). Protection motivation theory as a theoretical framework for understanding the use of protective measures. Criminal Justice Studies, DOI: http://dx.doi.org/10.1080/1478601X.2015.1050590
Dasinapa, M. B., & Ermawati, Y. (2024). Insights into Emerging Trends Shaping the Future of Audit and Assurance. Advances in Managerial Auditing Research, 2(2), 75–86. DOI: https://doi.org/10.60079/amar.v2i2.292
Delloitte, (2022). Cyber security Outlook. Retrieved from http//:Nigeria Cyber security Outlook 2022 (deloitte.com)
Elmaasrawy, H. E. & Tawfik, O.I. (2024). Impact of the assertive and advisory role of internal auditing on proactive measures to enhance cybersecurity: evidence from GCC. Journal of Science and Technology Policy Management. Vol. ahead-of-print No. ahead-of-print. DOI: https://doi.org/10.1108/JSTPM-01-2023-0004
Eze, F. J., Nnabuko, J. & Beredugo, S. B. (2014). The Influence of Word-of-Mouth Communication on Consumers’ Choice of Selected Products in Nigeria. European Journal of Business and Management, 6(2), 125-130. Retrieved from: https://www.iiste.org/Journals/index.php/EJBM/article/viewFile/14463/14961
Holmes, J. (2023). The Top 20 Cyber Security Audit Checklist Strategies in 2023. Retrieved from http://TheTop20CyberSecurityAuditChecklistStrategiesin2023-Stanfield IT
Institute of Internal Auditors (IIA) (2020a). Rethinking preparedness: Pandemics and cybersecurity. Retrieved from https://global.theiia.org/knowledge/Public% 20Documents/IIA-Bulletin-Rethinking-Preparedness-Pandemics-and-Cybersecurity.pdf.
Institute of Internal Auditors (IIA) (2020b). How Organizations globally are responding to Covid-19.. Retrieved from https://na.theiia.org/periodicals/Public%20Documents/GKB-How-Organizations-Globally-Are-Responding-to-COVID-19.
Internal Audit Foundation and Crowe Horwath (2018). The future of cybersecurity in internal audit. Retrieved from https://www.crowe.com/-/media/Crowe/LLP/ folio-pdf/The-Future-of-Cybersecurity-in-IA-RISK-18000-002A-update.
International Labour Organisation (ILO) (2022).Enterprise Risk Management: A Guide for EBMOs to promote efficiency and business resilience. International Labour Organisation Publisher.
Islam, M., Farah, N. & Staffor, T.F., (2018). Factors associated with security/cybersecurity audit by internal audit function. Managerial Audit. J. 33 (4), 377–409. DOI: https://doi.org/10.1108/MAJ-07-2017-1595.
Iyatse, G. & Adepetun, A. (2020). Alleged cyber-attack on CBN causes stir in banks, others. Retrieved from: http://guardian.ng/categories/news
Jadhav, K. D. (2023). The Role of Cyber Security Audits in Managing Company Systems and Applications. Retrieved from: https://www.researchgate.net/publication/367559332
Kurniawan, Y., & Mulyawan, A. N. (2023).The Role of External Auditors in Improving Cybersecurity of the Companies through Internal Control in Financial Reporting. Journal of System and Management Sciences, 13(1), 485-510. DOI:https://doi.org/10.33168/JSMS.2023.0126
Lois, P., Drogalas, G., Karagiorgos, A., Thrassou, A., & Vrontis, D. (2021).Internal auditing and cyber security: audit role and procedural contribution. Int. J. Managerial and Financial Accounting, 13 (1), 25-47. DOI: https://dx.doi.org/10.1504/IJMFA.2021.116207
Martinez, J. (16thApri, 2024). Cyber security Audit: The Ultimate Guide for 2024. Retrieved from https://www.strongdm.com/blog/author/john-martinez
Mishra, S., Dhir, S. & Hooda, M. (2016). A Study on Cyber Security, Its Issues and Cyber Crime Rates in India. In: Saini, H., Sayal, R., Rawat, S. (eds) Innovations in Computer Science and Engineering. Advances in Intelligent Systems and Computing, 413(1), 314-325. Springer, Singapore. DOI: https://doi.org/10.1007/978-981-10-0419-3_30
National Institute of Standards and Technology (NIST) standards (2018). Framework for Improving Critical Infrastructure Cyber security. Retrieved from https://www.nist.gov/publications/framework-improving-critical-infrastructure-cybersecurity-version-11
Nelson,C. (2020). NIgerian banks and rising cyber threats. Retrieved From www.Nigerian banks and rising cyber threats | The Guardian Nigeria News - Nigeria and World News — Business — The Guardian Nigeria News – Nigeria and World News
Osuagwu,P. (2022). Cybersecurity Landscape: Nigerian companies’ll pay huge ransom on ransomware. Retrieved from https://www.vanguardngr.com/2022/01/2022-cybersecurity-landscape-nigerian-companiesll-pay-huge-ransom-on-ransomware/
Perols, R. R. (2024). The Impact of the Type of Cyber security Assurance Service and Cybersecurity Incidents on Investor Perceptions and Decisions. AUDITING: A Journal of Practice & Theory, 43 (3): 187–202. DOI: https://doi.org/10.2308/AJPT-19-022
Puri, L. (21st February, 2023). Understanding Cyber Security: Need of the hour. Lokmat Times. Pg 14 Retrieved from https://epaper.lokmat.com/lokmattimes/index.php?dated=2023-02-21
Raghavan, A. R., & Parthiban, L. (2014). The effect of cybercrime on a Bank’s finances. International Journal of Current Research & Academic Review, 2(2), 173-178. Retrieved from: http://www.ijcrar.com/vol-2 2/A.R.%20Raghavan%20and%20Latha%20Parthiban.pdf
Sabillon, R. & Higuera, B. J. R. (2023). New Validation of a Cyber security Model to Audit the Cybersecurity Program in a Canadian Higher Education Institution. Conference on Information Communications Technology and Society (ICTAS), Durban, South Africa, 2023, pp. 1-6, DOI: https://doi.org/10.1109/ICTAS56421.2023.10082731.
Sanchez-Garcia, I. D., Rea-Guaman, A.M., Gilabert, T.S., Calvo-Manzano, J.A. (2024). Cybersecurity Risk Audit: A Systematic Literature Review. In: Mejía, J., Muñoz, M., Rocha, A., Hernández Pérez, Y., Avila-George, H. (eds) New Perspectives in Software Engineering. Studies in Computational Intelligence, vol 1135. Springer, Cham. DOI: https://doi.org/10.1007/978-3-031-50590-4_18
Slapnicar, S., Vuko, T., Cular, M., & Drascek, M. (2021). Effectiveness of cyber security audit. International Journal of Accounting Information Systems.DOI: https://doi.org/10.1016/j.accinf.2021.100548
Sweny, G. (22nd July, 2024). What is a Cyber security audit & why is it important? Retrieved from https://agileblue.com/what-is-a-cybersecurity-audit/
World Economic Forum (WEF), (2022). The Global Risks Report 2022, (17th edition), WEF Publishers. Retrieved From: https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2022.pd
World Economic Forum (WEF), (2023). The Global Risks Report 2023, (18th edition), WEF Publishers. Retrieved from: https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2023.pdf
World Economic Forum (WEF), (2024). The Global Risks Report 2024, (19th edition), WEF Publishers. Retrieved from: https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2024.pdf

Cite this Article as : Beredugo S. B(2024), “Cyber security Audits And The Mitigation Of Cyber-Attacks Of Selected Companies In Nigeria”, International Journal of E-Government & E-Business Research, Vol. 9, Issue 1, 2024, pp 19-35, DOI: https://doi.org/10.53882/IJEGEBR.2024.0901003

Article View: 96
PDF Download: 9

REFERENCES

Beredugo S B, Akhuamheokhun C I & Ekpo B. (2021). Credit Risk Management and Loan Recovery in Nigeria deposit money Bank. International Journal of Trend in Scientific Research and Development (IJTSRD), 5(2),1181-1186. Retrieved From: https://www.ijtsrd.com/papers/ijtsrd38430.pdf
Beredugo, S. B. (2021). Determinants of Earnings Response Coefficient in the Nigerian Post-IFRS Implementation Era. Asian Journal of Economics, Business and Accounting 21(7), 24-31, DOI: http://dx.doi.org/10.9734/ajeba/2021/v21i730399
Beredugo, S. B. (2021).International Public Sector Accounting Standards (IPSAS) Implementation and Financial Reporting: Issues and Challenges in South-East Nigeria, 1(1), 1-11. DOI: http://dx.doi.org/10.47747/jat.v1i1.405
Beredugo, S. B. Inah, E. U. & Edom, G. O. (2014). Appraisal of Forensic Investigation and Auditors’ Liability: Empirical Evidence from Nigeria. The International Journal of Business &Management, 2(4), 226-270. Retrieved From: https://www.internationaljournalcorner.com/index.php/theijbm/article/view/137738
Beredugo, S. B., Azubike, J. U. B. & Mefor, I. P (2019). Addressing Tax Evasion and Avoidance through Effective Tax Audit and Investigation in Cross River State, Nigeria. International Journal of Research and Scientific Innovation. 6(6), 65-69. Retrieved From: https://www.rsisinternational.org/journals/ijrsi/digital-library/volume-6-issue-6/65-69.pdf
Beredugo, S. B., Igbeng, E. I. & Eze, F. J. (2013). The Significance of International Corporate Governance Disclosures on Financial Reporting in Nigeria, International Journal of Business and Management. 8(8), 100-108.DOI: http://dx.doi.org/10.5539/ijbm.v8n8p100
Bhargava, R (2021). Cyber Crime and Cyber Security in Madhya Pradesh. NJESR, 2(8), 53-62.DOI: http://dx.doi.org/10.53571/NJESR 2021.2.8.53-61
Boehm, J., Curcio N., Merrath, P., Shenton, L. & Stahle, T., (2019). The risk-based approach to cybersecurity. McKinsey’s Our Insights. Retrieved From https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/the-risk-based-approach-to-cybersecurity
Central Bank of Nigeria (CBN) (2022). Issuance of risk-based cybersecurity framework and guidelines for other financial institutions (OFIs). Central Bank of Nigeria Publications.
Chaudhuri, A. & Kahyaoglu, B. S. (2023). Cybersecurity assurance in smart cities: a risk management perspective. EDPACS, 67(4), 1–22. DOI: https://doi.org/10.1080/07366981.2023.2165293
Claypole, A. (2nd May, 2021). The COSO ERM framework explained. Retrieved fromhttps://www.ideagen.com/thought-leadership/blog/the-coso-erm-framework-explained
Clubb, A. C. & Hinkle, J. C. (2015). Protection motivation theory as a theoretical framework for understanding the use of protective measures. Criminal Justice Studies, DOI: http://dx.doi.org/10.1080/1478601X.2015.1050590
Dasinapa, M. B., & Ermawati, Y. (2024). Insights into Emerging Trends Shaping the Future of Audit and Assurance. Advances in Managerial Auditing Research, 2(2), 75–86. DOI: https://doi.org/10.60079/amar.v2i2.292
Delloitte, (2022). Cyber security Outlook. Retrieved from http//:Nigeria Cyber security Outlook 2022 (deloitte.com)
Elmaasrawy, H. E. & Tawfik, O.I. (2024). Impact of the assertive and advisory role of internal auditing on proactive measures to enhance cybersecurity: evidence from GCC. Journal of Science and Technology Policy Management. Vol. ahead-of-print No. ahead-of-print. DOI: https://doi.org/10.1108/JSTPM-01-2023-0004
Eze, F. J., Nnabuko, J. & Beredugo, S. B. (2014). The Influence of Word-of-Mouth Communication on Consumers’ Choice of Selected Products in Nigeria. European Journal of Business and Management, 6(2), 125-130. Retrieved from: https://www.iiste.org/Journals/index.php/EJBM/article/viewFile/14463/14961
Holmes, J. (2023). The Top 20 Cyber Security Audit Checklist Strategies in 2023. Retrieved from http://TheTop20CyberSecurityAuditChecklistStrategiesin2023-Stanfield IT
Institute of Internal Auditors (IIA) (2020a). Rethinking preparedness: Pandemics and cybersecurity. Retrieved from https://global.theiia.org/knowledge/Public% 20Documents/IIA-Bulletin-Rethinking-Preparedness-Pandemics-and-Cybersecurity.pdf.
Institute of Internal Auditors (IIA) (2020b). How Organizations globally are responding to Covid-19.. Retrieved from https://na.theiia.org/periodicals/Public%20Documents/GKB-How-Organizations-Globally-Are-Responding-to-COVID-19.
Internal Audit Foundation and Crowe Horwath (2018). The future of cybersecurity in internal audit. Retrieved from https://www.crowe.com/-/media/Crowe/LLP/ folio-pdf/The-Future-of-Cybersecurity-in-IA-RISK-18000-002A-update.
International Labour Organisation (ILO) (2022).Enterprise Risk Management: A Guide for EBMOs to promote efficiency and business resilience. International Labour Organisation Publisher.
Islam, M., Farah, N. & Staffor, T.F., (2018). Factors associated with security/cybersecurity audit by internal audit function. Managerial Audit. J. 33 (4), 377–409. DOI: https://doi.org/10.1108/MAJ-07-2017-1595.
Iyatse, G. & Adepetun, A. (2020). Alleged cyber-attack on CBN causes stir in banks, others. Retrieved from: http://guardian.ng/categories/news
Jadhav, K. D. (2023). The Role of Cyber Security Audits in Managing Company Systems and Applications. Retrieved from: https://www.researchgate.net/publication/367559332
Kurniawan, Y., & Mulyawan, A. N. (2023).The Role of External Auditors in Improving Cybersecurity of the Companies through Internal Control in Financial Reporting. Journal of System and Management Sciences, 13(1), 485-510. DOI:https://doi.org/10.33168/JSMS.2023.0126
Lois, P., Drogalas, G., Karagiorgos, A., Thrassou, A., & Vrontis, D. (2021).Internal auditing and cyber security: audit role and procedural contribution. Int. J. Managerial and Financial Accounting, 13 (1), 25-47. DOI: https://dx.doi.org/10.1504/IJMFA.2021.116207
Martinez, J. (16thApri, 2024). Cyber security Audit: The Ultimate Guide for 2024. Retrieved from https://www.strongdm.com/blog/author/john-martinez
Mishra, S., Dhir, S. & Hooda, M. (2016). A Study on Cyber Security, Its Issues and Cyber Crime Rates in India. In: Saini, H., Sayal, R., Rawat, S. (eds) Innovations in Computer Science and Engineering. Advances in Intelligent Systems and Computing, 413(1), 314-325. Springer, Singapore. DOI: https://doi.org/10.1007/978-981-10-0419-3_30
National Institute of Standards and Technology (NIST) standards (2018). Framework for Improving Critical Infrastructure Cyber security. Retrieved from https://www.nist.gov/publications/framework-improving-critical-infrastructure-cybersecurity-version-11
Nelson,C. (2020). NIgerian banks and rising cyber threats. Retrieved From www.Nigerian banks and rising cyber threats | The Guardian Nigeria News - Nigeria and World News — Business — The Guardian Nigeria News – Nigeria and World News
Osuagwu,P. (2022). Cybersecurity Landscape: Nigerian companies’ll pay huge ransom on ransomware. Retrieved from https://www.vanguardngr.com/2022/01/2022-cybersecurity-landscape-nigerian-companiesll-pay-huge-ransom-on-ransomware/
Perols, R. R. (2024). The Impact of the Type of Cyber security Assurance Service and Cybersecurity Incidents on Investor Perceptions and Decisions. AUDITING: A Journal of Practice & Theory, 43 (3): 187–202. DOI: https://doi.org/10.2308/AJPT-19-022
Puri, L. (21st February, 2023). Understanding Cyber Security: Need of the hour. Lokmat Times. Pg 14 Retrieved from https://epaper.lokmat.com/lokmattimes/index.php?dated=2023-02-21
Raghavan, A. R., & Parthiban, L. (2014). The effect of cybercrime on a Bank’s finances. International Journal of Current Research & Academic Review, 2(2), 173-178. Retrieved from: http://www.ijcrar.com/vol-2 2/A.R.%20Raghavan%20and%20Latha%20Parthiban.pdf
Sabillon, R. & Higuera, B. J. R. (2023). New Validation of a Cyber security Model to Audit the Cybersecurity Program in a Canadian Higher Education Institution. Conference on Information Communications Technology and Society (ICTAS), Durban, South Africa, 2023, pp. 1-6, DOI: https://doi.org/10.1109/ICTAS56421.2023.10082731.
Sanchez-Garcia, I. D., Rea-Guaman, A.M., Gilabert, T.S., Calvo-Manzano, J.A. (2024). Cybersecurity Risk Audit: A Systematic Literature Review. In: Mejía, J., Muñoz, M., Rocha, A., Hernández Pérez, Y., Avila-George, H. (eds) New Perspectives in Software Engineering. Studies in Computational Intelligence, vol 1135. Springer, Cham. DOI: https://doi.org/10.1007/978-3-031-50590-4_18
Slapnicar, S., Vuko, T., Cular, M., & Drascek, M. (2021). Effectiveness of cyber security audit. International Journal of Accounting Information Systems.DOI: https://doi.org/10.1016/j.accinf.2021.100548
Sweny, G. (22nd July, 2024). What is a Cyber security audit & why is it important? Retrieved from https://agileblue.com/what-is-a-cybersecurity-audit/
World Economic Forum (WEF), (2022). The Global Risks Report 2022, (17th edition), WEF Publishers. Retrieved From: https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2022.pd
World Economic Forum (WEF), (2023). The Global Risks Report 2023, (18th edition), WEF Publishers. Retrieved from: https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2023.pdf
World Economic Forum (WEF), (2024). The Global Risks Report 2024, (19th edition), WEF Publishers. Retrieved from: https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2024.pdf

Int. J. of E-Gov. & E-Busi Res

CYBERSECURITY AUDITS AND THE MITIGATION OF CYBER-ATTACKS OF SELECTED COMPANIES IN NIGERIA

**Central Bank of Nigeria (CBN) (2022). Issuance of risk-based cybersecurity framework and guidelines for other financial institutions (OFIs). Central Bank of Nigeria Publications.**

**Central Bank of Nigeria (CBN) (2022). Issuance of risk-based cybersecurity framework and guidelines for other financial institutions (OFIs). Central Bank of Nigeria Publications.**

Aims and Objectives

Ethics Policy

Peer Review Policy

Call for Paper

Conference

Instruction To Review

Guide To Authors