Author
Listed:
- Mackenzie Deborah
- Sam Njunwamukama
Abstract
Purpose: The purpose of this study is to analyze security policies and risk management practices for reducing insider threats in the Fintech industry in Uganda. The study aims to classify and identify insider threats, examine how they relate to risk management procedures, and offer practical recommendations for improving Fintech companies’ security measures. Methodology: The study adopted a descriptive research design, focusing on diverse respondents across various sectors. Data was collected through surveys from 25 respondents, including IT security specialists, accountants, finance officers, and other relevant roles. The sectors represented included Banking and Finance (52%), Security (12%), Information Technology and Telecommunications (8% each), and others such as Agriculture, Civil Society, and Public Service (each 4%). The study employed both qualitative and quantitative data collection methods, with secondary data reviewed from existing literature and case studies. Statistical analysis was conducted using SPSS to interpret the data and identify trends in insider threat occurrences and risk management practices. Findings: The study revealed that insider threats in Uganda's Fintech sector can manifest in both physical and cyber forms. The predominant risk management practices identified include proactive measures such as robust security policies, access controls utilized by 88% of respondents, security awareness training by 80%, and continuous monitoring by 68%. Incident response and reporting procedures were also critical, ensuring that breaches are swiftly addressed to minimize impact. There was a significant positive correlation (r = .65; p < 0.05) between the frequency of past insider attacks and the regularity of risk assessments, underscoring the importance of regular evaluations in mitigating risks. Unique Contribution to Theory, Practice and Policy: The study contributes to the theoretical understanding of how local cultural attitudes and regulatory frameworks impact effectiveness of risk management strategies, providing insights that can inform RMF adaptations in similar contexts. For practitioners, it recommends development and implementation of robust security policies, employee training programs, and advanced monitoring systems. Policy-makers are advised to support regulatory frameworks that mandate regular risk assessments and the adoption of best Fintech practices.
Suggested Citation
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:bdu:ojijts:v:9:y:2024:i:2:p:67-81:id:2783. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chief Editor (email available below). General contact details of provider: https://iprjb.org/journals/index.php/IJTS/ .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/bdu/ojijts/v9y2024i2p67-81id2783.html
My bibliography
Save this article