Strategies Adopted By Selected Financial Institutions In Nigeria To Prevent Information Asset Breaches

Abstract

Financial institutions in Nigeria face high vulnerability to cyber-attacks. Many of them lack the capacity to implement the Central Bank of Nigeria’s (CBN) risk-based cybersecurity framework. This has eroded customer trust. Based on the Integrated Systems Theory of Information Security Management, this study aimed to examine strategies adopted by selected financial institutions to prevent information asset breaches. Using a qualitative multiple-case-study approach, data were collected through in-depth interviews with 25 participants (5 Board Members, 5 Senior Managers, 5 Chief Information Security Officers, and 10 IT Officers) from five institutions, supplemented by secondary sources. Thematic analysis revealed that institutions align security plans with organizational strategies and have policies in place, but show minimal capacity for full CBN compliance. Findings indicate 100 per cent alignment with internal strategies, but only 40 per cent full compliance with CBN’s risk-based guidelines based on participant reports. The study recommends CBN-led capacity building to enhance adoption as well as fostering positive social change through restored public confidence.