Development of cybersecurity framework for FinTech innovations: Bahrain as a case study

Abstract

FinTech is the term used to refer to financial and technology convergence space solutions. It usually refers to new innovations that conduct or connect with financial services via the internet, smart devices, software applications, or cloud services and encompasses anything from mobile banking to cryptocurrency applications. Despite the advantages of FinTech, cybercriminals seized the opportunity to exploit vulnerabilities in FinTech systems. Phishing attacks, ransomware, and data breaches have become more prevalent, targeting individuals and FinTech institutions. Bahrain, which is not different from the rest of the world, was impacted by such cyber threats. Thus, FinTech companies have had to strengthen their cybersecurity countermeasures and protocols to combat these threats. Existing countermeasures in the literature primarily focus on general cybersecurity practices and frameworks, with limited attention given to the specific needs of the FinTech industry. Hence, there is a notable gap in the literature regarding a focused cybersecurity framework that caters to the unique requirements of FinTech innovations, especially in Bahrain. To bridge this gap, this research addresses the problem by conducting an extensive review of existing cybersecurity challenges, common practices, and cybersecurity standards and through in-depth research interviews with executives, experts, and other FinTech business stakeholders. Leveraging this knowledge, this research proposed an adaptable framework that addresses the risks and vulnerabilities faced by FinTech innovations in Bahrain. Through panel discussions and Delphi sessions, industry experts evaluated the framework’s practical feasibility, ability to address specific risks, and compatibility with the existing FinTech regulatory landscape. The results demonstrate a high acceptance of the developed framework and highlight the framework’s potential to enhance cybersecurity resilience significantly. Moreover, the experts acknowledge the proposed framework as a fundamental baseline in securing the FinTech ecosystem in Bahrain. The importance of this research lies in its potential to enhance the cybersecurity posture of the FinTech industry in Bahrain, mitigating risks and vulnerabilities associated with cyber threats in this vital sector.