Article Reviews
Article Review #1: The Impact of Cybersecurity on Bank Performance During COVID-19
Student Name: Raman Paul
School of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and the Social Sciences
Instructor: Diwakar Yalpi
Date: February 20, 2026
Introduction
The article I picked to review is by Al-Sartawi et al. (2025) where Al-Sartawi et al talk
about how cybersecurity practices affected the financial success of banks in the Gulf
Cooperation Council (GCC) in the COVID-19 pandemic. Due to the pandemic, a lot of banking
services had to be pushed online, so protection of digital systems had become very important.
The researchers saw that banks that had strong cybersecurity were generally performed
better financially, and much better in terms of Return on Assets (ROA). This means that
cybersecurity directly affects financial stability and is not just a technical issue.
Relation to Social Science Principles
This study relates to many social science principles we talked about in class and one main
principle is empiricism. The writers rely on real data collected from 41 banks, not assumptions.
Their conclusions come from actual measurable facts and statistics.
Another principle I found that relates to our classroom discussion is determinism. The
study examines how one factor, like the level of cybersecurity, affects another factor, like
financial performance. The researcher’s goal this connection and its cause and effect.
The article also shows skepticism by discussing the previous research that had mixed
results about cybersecurity effects performance. The authors didn’t use the previous study
results, but they decided to test the relationship again in a different region during a global
COVID crisis.
Finally, the writers showed that through the use of regression models and data analysis.
They tried to minimize bias by applying consistent statistical methods.
Research Question:
What was the level of cybersecurity implementation among GCC banks during the
COVID 19 pandemic, and what impact did it have on their financial performance?
My Hypothesis:The hypothesis proposes that banks with a higher level of cybersecurity would have
better financial gains. The authors expected a good relationship between cybersecurity practices
and profits.
The independent variable (IV) is the Cybersecurity Level (CL), which is how strongly each
bank implemented their cybersecurity practices.
The dependent variables (DV) are:
• Return on Assets (ROA)
• Earnings Per Share (EPS)
Types of Research Methods Used
The researchers used a quantitative research design. They gathered financial data from
Bloomberg, annual reports, stock exchange platforms, and official bank websites. A
cybersecurity checklist was sent to IT and security professionals within the banks to find out
about the cybersecurity practices.
Their final data sample had 41 banks all across Kuwait, Oman, Saudi Arabia, Bahrain,
and the UAE. The researchers analyzed data from several years, focusing on the COVID-19
pandemic period.
Types of Data and Analysis Used
The researchers used many techniques in this study, such as:
– Multiple regression analysis
– Fixed effects panel regression
– Correlation analysis
– Structural Equation Modeling (SEM)
The authors also performed tests to make sure of the reliability of their findings. The
results showed a positive relationship between the cybersecurity level and ROA. Another way to
say this is that better cybersecurity was related to better financial results.
Connection to Course Concepts
This article connects strongly to the ideas from our class, like the idea that cybersecurity
is part of a bigger social and organization system, not just a tech tool. The study shows us that
things like leadership decisions, board structure, and IT governance all effect cybersecurity
results.
Another very important idea is risk management. We can see that by investing in a strong
cybersecurity, banks can lower financial risks and keep the public trust.Another way the article relates to our class material is how cyber threats can affect
economic stability and national security, especially during global emergencies like COVID-19.
Connection to Marginalized Groups
Even though the article mostly talks about banks, it still connects to marginalized groups
in important ways. For example, lower income people are usually hit harder by cyberattacks
because losing money can have a greater effect on them. Strong cybersecurity helps protect them
from things like fraud and identity theft. The study also talks about female representation on
boards, which relates to gender diversity and its importance in leadership and cybersecurity
decision making. In addition, during COVID-19 a lot of elderly people and people with limited
technology skills relied on online banking. Having strong cybersecurity systems in place helps
protect these vulnerable groups from scams and exploitation.
Overall Societal Contributions / Conclusion
This study finds that investing in cybersecurity can boost both financial performance and
public trust in banks. It talks about how cybersecurity is not just an added expense, but it shows
that it can give organizations a competitive edge. The authors recommend that regulators should
set up a standard way for banks to report their cybersecurity practices, which could make
financial institutions more transparent and accountable. In conclusion, the article explains how
cybersecurity relates to governance, the economy, and society, especially during major events
like the COVID-19 pandemic.
Reference
Al-Sartawi, A. M. A. M., Sanad, Z., Shehadeh, M., & Binsaddig, R. (2025). Cybersecurity and
bank performance: Evidence from Gulf Cooperation Council. International Journal of Cyber
Criminology, 19(1), 54–71. https://www.cybercrimejournal.com
Raman Paul Article Review 1.pdf
Article Review 2, Perceived Security Risks and Cybersecurity Compliance Attitude:
Role of Personality Traits and Cybersecurity Behavior
Student Name: Raman Paul
School of Cybersecurity, Old Dominion University
CYSE 201S Cybersecurity and the Social Sciences
Instructor Name: Diwakar Yalpi
Date: April 5, 2026Paul 2
Introduction
This review digs into “Perceived Security Risks and Cybersecurity Compliance Attitude:
Role of Personality Traits and Cybersecurity Behavior” by Ghaleb and Sattarov, published in the
International Journal of Cyber Criminology, Volume 19, Issue 1. The main idea here is pretty clear,
who you are (your makeup across the Big Five personality traits) really shapes whether you will
follow cybersecurity rules at work. But it is not just about personality, but perceived security risk
and actual security behavior both play big roles in this equation. That matters a lot because it shifts
the focus in cybersecurity. Instead of just patching technical holes, we have to look at why people
do or do not play by the rules in the first place (Ghaleb and Sattarov 27).
Connection to Social Science Principles
Now, thinking about social science principles, the article stands out for a few reasons. First,
it is all about empiricism. Ghaleb and Sattarov did not just guess or rely on stories; they got hard
numbers from 259 employees and ran stats to prove their points. That is the kind of evidence social
science thrives on.
Determinism is key, too. The researchers’ figure compliance is not random personality,
behavior, and risk perceptions are real drivers. They are basically saying people’s security behavior
follows patterns you can study, not just wild guesses.
Then there’s relativism. Not everyone sees a security threat the same way, and those
differences matter for compliance. That is pretty obvious if you have worked in any organization,
some people worry about risks while others shrug them off. The study also makes sure to stay
objective, using tested scales rather than homemade ones that might skew results. And, honestly,Paul 3
the article embraces skepticism, it does not take the easy road of blaming “just tech” or “just
awareness.” There is more going on underneath.
Research Question
So, what is the research question? It is straightforward, do the Big Five personality traits
affect employees’ attitudes toward cybersecurity compliance, and how do perceived risks and
behaviors play into that? The authors hypothesize these traits (agreeableness, conscientiousness,
extraversion, neuroticism, openness) directly shape compliance attitudes. Security behavior
mediates that relationship, while perceived risk tweaks how strong the personality effect is (Ghaleb
and Sattarov 30).
In terms of variables, the Big Five traits are the independent variables. The dependent
variable is the compliance attitude, meaning whether employees follow security protocols or not.
Security behavior is the bridge (mediator), while perceived risk is the knob that changes how much
personality matters (moderator). That makes for a pretty sophisticated setup.
Types of Research Methods Used
The researchers went with a quantitative approach. They used structured surveys built from
trusted, previously validated scales. Surveys work well here; they are quick, standardized, and
make comparisons easy. The study is not experimental, nothing was manipulated, just measured.
So we are dealing with real-world personality and risk perceptions, not anything cooked up in a
lab.
Types of Data and Analysis DonePaul 4
When it comes to data analysis, Structural Equation Modeling (SEM) is center stage, done
with STATA software. SEM is powerful; it lets you look at multiple relationships all at once, like
direct personality effects, mediation via behavior, and moderation through risk. That is exactly
what this study needs. The use of standardized scales probably means the authors checked
reliability in ways researchers always do, like calculating Cronbach’s alpha (Ghaleb and Sattarov
35).
Connections to Course Concepts
Looking back at what we have studied this semester, the article ties closely to Protection
Motivation Theory (PMT). PMT says people react to threats realistically when they believe the
risk is real, and they know their actions can help. In this study, perceived risk works as a moderator,
and people who take threats seriously are more likely to let their personality impact their
compliance.
Social Learning Theory comes into play here. In the workplace, your behavior isn’t just
about your own personality, it really depends on your surroundings. Workers who are more
conscientious or agreeable might start following safe habits just by watching others, or sometimes
they just don’t want to stand out by breaking the rules. And there’s a deterrence to consider. The
threat of getting caught or facing consequences pushes people to comply, right along with how
risky they think the situation is.
Connections to the ConcernsPaul 5
The article doesn’t highlight the marginalized communities directly, but the implications
are there. Employees in lower pay jobs usually do not get much security training. For them,
compliance rests more on personality than knowledge, which really is not fair. Besides that, risk
perceptions and willingness to trust rules often vary across racial, ethnic, and socioeconomic lines,
rooted in history with discrimination or oversight. If risk shapes compliance, but marginalized
groups perceive risk differently, the study misses something by leaving out those demographic
layers. Adding them would have made the research stronger.
Conclusion
Coming to a close, Ghaleb and Sattarov’s study gives cybersecurity research a real boost.
It shows that personality drives compliance, but perceived risk and security behavior matter, too.
That means organizations must look beyond technical fixes; they should factor in the psychology
of their teams when planning security measures. As cyber threats keep growing, understanding
what makes people vulnerable or strong is crucial. This study recommends personalized training
and smart hiring, tuned to individual differences. In the end, the message is clear, cybersecurity is
a people problem just as much as a tech problem, and the tools we need come from social science
as much as IT.Paul 6
Reference
Ghaleb, M. M. S., & Sattarov, A. (2025). Perceived security risks and cybersecurity compliance
attitude: Role of personality traits and cybersecurity behavior. International Journal of
Cyber Criminology, 19(1), 27–53.
Article Link:
https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/438/124