EVALUATING CYBERSECURITY RESILIENCE IN FINANCIAL INSTITUTIONS: A STUDY ON RISK MITIGATION, INCIDENT RESPONSE, AND COMPLIANCE

Abstract

The increasing digitization of financial services has heightened the vulnerability of financial institutions to cyber threats, making cyber security resilience a strategic organizational capability. This study evaluates resilience to cyber threats in financial institutions by examining the roles of risk mitigation practices, incident response capability, and regulatory compliance frameworks. The study was conducted using a quantitative, cross-sectional design, with data collected from 148 respondents involved in cyber security governance, risk management, and regulatory compliance through a structured Likert-scale questionnaire. Descriptive analysis revealed that regulatory compliance recorded the highest mean score (M = 4.05, SD = 0.58), followed by risk mitigation (M = 3.82, SD = 0.61), with incident response capability showing comparatively lower scores (M = 3.47, SD = 0.74 which indicated variability in preparedness across institutions. Reliability analysis demonstrated strong internal consistency (Cronbach’s α ranging from 0.81 to 0.88). Pearson correlation analysis indicated statistically significant positive relationships between all predictors and cyber security resilience, with incident response capability exhibiting the strongest correlation (r = 0.74, p < 0.01). Multiple regression analysis confirmed that risk mitigation (β = 0.31, p < 0.001), incident response capability (β = 0.43, p < 0.001), and regulatory compliance (β = 0.19, p = 0.002) collectively explained 62% of the variance in cyber security resilience (R² = 0.62). Findings highlighted that while risk mitigation and compliance formed essential foundations, incident response capability is the most critical determinant of overall resilience. The study underscores the need for integrated, resilience-oriented cyber security strategies that emphasize preparedness, adaptive response, and operational continuity. The results offered actionable insights for financial institutions and regulators to enhance cyber resilience in an increasingly complex threat landscape.