Article Review #1: Cybersecurity and Banks’ Financial Performance During COVID-19
Introduction / BLUF
Al-Sartawi et al. (2025) examined the relationship between banks’ cybersecurity strategies and financial performance at Gulf Cooperation Council (GCC)-listed banks during the COVID-19 pandemic. In short, Al-Sartawi et al. (2025) showed a statistically positive association between cybersecurity strategy and financial performance. That is, they showed that higher levels of cybersecurity strategy were positively and significantly associated with improvements in Return On Assets (ROA). The study shows that cybersecurity has become a critical strategic factor in achieving economic stability and institutional credibility.
Relation / Connection to Social Science Principles
Multiple social science principles appear in this study. Both human behavior and institutional governance directly affect cybersecurity. For example, the composition and structure of boards of directors can determine whether an institution will successfully implement cybersecurity. Furthermore, the interconnectedness of social systems is evidenced by the fact that the COVID-19 pandemic caused many institutions to rapidly transform digitally. The rapid transition to technology increased cybersecurity risks, which negatively affected the financial performance of the banks studied in the paper. The researchers used empirical methodology to assess for quantifiable relationships, which demonstrates the systematic and empirically-based nature of social science research.
Research Question / Hypothesis / Independent and Dependent Variables
This study addressed two primary research questions: What was the level of cybersecurity implemented by GCC-listed banks during COVID-19? How did the level of cybersecurity implemented by the banks studied relate to their financial performance? The authors proposed that higher levels of cybersecurity would be positively correlated to financial performance. Cybersecurity Level (CL) is the independent variable, and was assessed using a structured checklist. Return on Assets (ROA) and Earnings Per Share (EPS) are the dependent variables. The control variables included board independence, board size, IT governance, the number of females on the board, firm size, leverage, and firm age.
Types of Research Methods Used
The researchers utilized quantitative methodologies in the study. They obtained data from 41 GCC-listed banks using sources such as Bloomberg, annual reports, Yahoo Finance, and stock exchange platforms. The cybersecurity levels of the banks were evaluated using a binary checklist completed by the banks’ ICT and security managers. Multiple linear regression, fixed-effects panel regression, and Structural Equation Modeling (SEM) were used by the researchers to assess the relationship between cybersecurity and financial performance.
Types of Data and Analysis Used
The data used in the study consisted of numerical financial indicators and binary cybersecurity implementation assessments. The researchers used statistical analysis on the data, including descriptive statistics, Pearson correlation matrices, regression models, Variance Inflation Factor (VIF) tests, Durbin-Watson tests, Cook-Weisberg tests, and SEM analysis. The results showed a statistically significant positive relationship between cybersecurity levels and ROA. This suggests that organizations practicing more robust cybersecurity strategies will exhibit greater operational efficiency and profitability.
Connections to Course Concepts
The study relates to course concepts of cybersecurity governance, institutional trust, and risk management. The study provides support to the concept that cybersecurity is a socio-technical issue, influenced by the actions of leaders, governance, and regulatory systems. Additionally, the study provides evidence for the discussion of how crises such as COVID-19 generate changes in digital behavior and increases in institutional vulnerabilities; therefore, organizations must develop and apply structured cybersecurity frameworks.
Connections to Marginalized Groups
While the study does not specifically address marginalized groups, it does discuss the implications of expanding digital banking during COVID-19. Since society is becoming increasingly reliant on digital banking, individuals lacking in digital literacy and/or access to secure digital technologies may be disproportionately harmed by these developments. The study also discusses the importance of diversity in cybersecurity leadership and institutional resilience by incorporating female board membership into the analysis.
Conclusion
Overall, the study demonstrated empirically that investing in cybersecurity will positively affect financial performance, especially in times of crisis. Additionally, the study enhanced our understanding of cybersecurity as both an economic and social issue. The findings of the study support the development of stronger regulatory frameworks for cybersecurity and the requirement for standardized cybersecurity disclosure requirements. The study also highlighted the significance of cybersecurity in preserving financial stability and generating public trust.
Reference
Al-Sartawi, A. M. A. M., Sanad, Z., Shehadeh, M., & Binsaddig, R. (2025). Cybersecurity and banks performance: Evidence from Gulf Cooperation Council. International Journal of Cyber Criminology, 19(1), 54–71. https://doi.org/10.5281/zenodo.47661903
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/444/132