Cybersecurity Risks and Its Regulations. The Philosophy of Cybersecurity Audit




philosophy of cybersecurity, risk mitigation, cybersecurity audit, virtual bank, ransomware, security standards, information technology


Since financial institutions are leading targets of cyber attacks, the article’s main goal is to show that without dedicated action, the global financial system will only become more vulnerable as innovation, competition, and the pandemic further fuel the digital revolution. Also, the cost of cybercrime at financial institutions outpaces the cost of cybercrime in other industries. For example, according to a 2019 private study, the per-company cost of cybercrime is over $18 million for financial services companies, around 40% higher than the average cost for other sectors. If the entire system fails to address cybersecurity concerns adequately, this could lead to systemic risk – the risk that a cybersecurity incident would destabilize the financial system. The article considers the level of protection of confidential information in financial enterprises and the means of combating data leaks. In addition, the question of the need for an information technology audit, especially a cybersecurity audit, is raised.


Download data is not yet available.


Bowcut, S. (2022, November 10). Cybersecurity in the financial services industry. Cybersecurity guide. Retrieved January 31, 2023 from

Chappell, B., & Neuman, S. (2017, December 19). U.S. says North Korea ëDirectly responsibleí for WannaCry Ransomware attack. The Two-Way. Retrieved January 27, 2023, from

Chipeta, C. (2022, November 28). How to prepare for a PCI DSS audit in 7 steps. UpGuard. Re-trieved January 29, 2023, from

Cybersecurity audits: Best practices + checklist (2022, April 26). Reciprocity. Retrieved February 1, 2023, from

Duncan, C. (2022, September 8). 5 Biggest threats to cyber security in the banking industry in 2022. Deskalerts. Retrieved February 1, 2023, from,legal%20action%20by%20aggrieved%20customers

Karchija, A. A. (2014). Kiberbezopasnost' i intellektual'naja sobstvennost'. Chast' 1 (Cybersecurity and intellectual property, Part 1, in Russian). Voprosy kiberbezopasnosti (ìCybersecurity issuesî, in Russian), 1(2), 61-66.

Kost, E. (2023, January 10). Top 13 Cybersecurity Regulations for Financial Services. UpGuard. Retrieved February 1, 2023, from

Lazenby, S. (2022, October 6). DDoS attacks in the financial industry: How to protect your infra-structure and payments. Inetco. Retrieved January 29, 2023, from,than%20in%20all%20of%202021

Mahwah, N. J. (2022, August 17). Radware H1 2022 report: Malicious DDoS attacks climb 203%. Radware. Retrieved January 30, 2023, from

Mazzanti, C. (2019, June 12). Keep your business secure with an up-to-date firewall. Emazzanti technologies. Retrieved January 25, 2023, from

Mester, J. L. (2019). Cybersecurity and financial stability. Speech, Financial Stability Conference ñ Financial Stability: Risks, Resilience, and Policy - Federal Reserve Bank of Cleveland and the Office of Financial Research. Retrieved January 31, 2023, from

Michael, C. (2021, October). What is attack surface management and why is it necessary? TechTarget security. Retrieved January 30, 2023, from

NCSI (2023a). The national cyber security index: Country ranking. In NCSI. Retrieved February 1, 2023, from

NCSI (2023b). The national cyber security index: The methodology of calculation. In NCSI. Re-trieved February 1, 2023, from,national%20cyber%20security%20capacity%20building

Reuters. (2021, May 8). Colonial Pipeline halts all pipeline operations after cybersecurity attack. Reuters. Retrieved January 25, 2023, from

Sabillon, R., Serra-Ruiz, J., Cavaller, V., & Cano, J. (2018, April 2). A comprehensive cybersecurity audit model to improve cybersecurity assurance: The cybersecurity audit model (CSAM). 2017 International Conference on Information Systems and Computer Science, 2017 November 23-25 (pp. 253-259). DOI:

Sanger, D. E., Clifford, K., & Perlroth, N. (2021, May 8). Cyberattack forces a shutdown of a top U.S. pipeline. The New York Times. Retrieved January 25, 2023, from

Schwartz, M. J. (2016, March 10). Bangladesh bank hackers steal $100 million. Data Breach Today. Retrieved January 20, 2023, from

Shacklett, M. E. (2021, November). What is multifactor authentication and how does it work? Tech-Target security. Retrieved February 1, 2023, from

Stepanyan, K. (2022, October 5). Addressing the complexities of cybersecurity at fintech enterprises. Isaca Journal, Vol. 5. Retrieved February 1, 2023, from

Tan, H. T., & Libby, R. (1997). Tacit managerial versus technical knowledge as determinants of audit expertise in the field. Journal of Accounting Research, 35(1), 97-113. DOI:

Terry, R. (2021, August 19). Financial services: Web application attacks grow by 38% in first half of 2021. Imperva. Retrieved January 31, 2023, from

The Central Bank of the RA (2013). ìTeghekatvakan anvtangutíyan apahovman nvazaguyn pahan-jneri sahmanman veraberyal kargyî hastatelu masin HH KB 173-N voroshum (ìProcedure on the definition of minimum information security requirementsî, in Armenian). Retrieved January 31, 2023 from

Tunggal, A. T. (2022, November 24). What is third-party risk management? TPRM clearly explained. UpGuard. Retrieved January 28, 2023, from

Vailshery, L. S. (2022, November 22). Number of internet of things (IoT) connected devices worldwide from 2019 to 2030. Statista. Retrieved January 29, 2023, from

Van Remoortel, F. (2016, November). Financial institutions and the general data protection regula-tion. Financier Worldwide. Retrieved January 29, 2023, from

What is a cybersecurity audit and why is it important? (2022, August 11). Easydmarc. Retrieved February 1, 2023, from




How to Cite

GRIGORYAN, L., & MIRZOYAN, L. (2023). Cybersecurity Risks and Its Regulations. The Philosophy of Cybersecurity Audit. WISDOM, 25(1), 67–77.




Most read articles by the same author(s)