Date of Conferral

4-28-2026

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Donald Carpenter

Abstract

Financial markets and industries are vulnerable to ransomware attacks. Information technology (IT) security subject matter experts (SMEs) are concerned about ransomware cyberattacks on critical infrastructure that threaten their customers’ financial privacy and the institution’s reputation, causing severe financial losses and diminishing productivity. Grounded in the diffusion of innovation theory, the purpose of this qualitative pragmatic inquiry was to explore strategies IT security SMEs use to increase the implementation of existing solutions to thwart cybersecurity attacks in the financial services sector. The participants were six IT security SMEs in the financial industry in the Northeast United States who were responsible for recommending strategies to thwart ransomware attacks. Data were collected using semistructured interviews and were triangulated with 12 publicly available documents. Four themes emerged from thematic analysis: (a) employee empowerment and awareness, (b) governance structures and organizational leadership, (c) securing the infrastructure, and (d) dynamic security countermeasures. IT security SMEs may shift from reactive defense to proactive resilience by cultivating a security-aware workforce, engaging leadership, and leveraging agile technology infrastructure. The implications for positive social change include the potential for cybersecurity professionals and organizational leaders to implement proactive resilience strategies that enhance public trust, protect sensitive financial data, and contribute to a safer and more resilient digital financial ecosystem.

Download

Share

 
COinS