Strategies for Proper Security Practices in Small Financial Institutions

Author

Adam Leffell, Walden University

Date of Conferral

2023

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Alan Dawson

Abstract

Financial institutions remain high targets for threat actors because of potentially lucrativefinancial gains from security breaches. Information technology (IT) security professionals in financial institutions are concerned about weak security strategies that could lead to security breaches. Grounded in the technology acceptance model (TAM), the purpose of this qualitative multiple case study was to explore strategies IT security professionals use to implement proper security practices to prevent security breaches. The participants were three IT security professionals from three different financial institutions that oversee the implementation of security policies and procedures. Data collection involved conducting semi-structured interviews and public documents. Through thematic analysis, four themes were identified: layered security, security auditing, technology adaptive, and vendor relationships. Recommendations are for IT security professionals to implement security in layers, review existing security controls and technology with current available market trends, and audit existing security controls to identify gaps with industry standards. The implications for positive social change include potential guidance for IT security professionals to able to strengthen an organizations security posture to better protect resources, intellectual property, and safeguard customer data from threat actors

Recommended Citation

Leffell, Adam, "Strategies for Proper Security Practices in Small Financial Institutions" (2023). Walden Dissertations and Doctoral Studies. 12151.
https://scholarworks.waldenu.edu/dissertations/12151