The Impact of the Level of Compliance with the ISO/IEC 27001 Standard on Cybersecurity in Libyan Commercial Banks

Authors

  • ADEL AB ALASWAD Faculty of Economics - Al –Ajailat- University of Zawia Author

DOI:

https://doi.org/10.65405/nh6jnz67

Keywords:

ISO/IEC 27001, Cybersecurity, Information Security Management System, Cybersecurity Risk Management, Libyan Commercial Banks

Abstract

This study aims to examine the impact of the level of compliance with ISO/IEC 27001 requirements on cybersecurity in Libyan commercial banks, considering the increasing adoption of digital systems and electronic banking services and the growing cyber threats associated with digital transformation. The study adopted a descriptive analytical approach and used a questionnaire to collect data from employees in information security, information technology, risk management, and internal audit departments in Libyan commercial banks. A total of (26) valid questionnaire were analysed using SPSS through Cronbach’s Alpha, Pearson correlation, and multiple regression analysis. The findings revealed that the level of compliance with ISO/IEC 27001 requirements and the level of cybersecurity were high. The results also showed a statistically significant positive relationship between ISO/IEC 27001 compliance dimensions and cybersecurity, and that these dimensions explain (65.8%) of the variation in cybersecurity level. Cybersecurity risk management was found to have the strongest impact, followed by technical and procedural controls and information security governance, while security awareness and human factors require further improvement. The study recommends strengthening ISO/IEC 27001 implementation, developing cybersecurity awareness and training programs, and improving cybersecurity risk management practices to enhance information protection and ensure business continuity in the banking sector.

Downloads

Download data is not yet available.

References

 Adelmann, F., Ergen, I., Gaidosch, T., Jenkinson, N., Khiaonarong, M. T., Morozova, A., . . . Wilson, C. (2020). Cyber risk and financial stability: It’sa small world after all: International Monetary Fund.

 Al-Dhahri, S., Al-Sarti, M., & Abdul, A. (2017). Information security management system. International Journal of Computer Applications, 158(7), 29-33.

 Choubey, S., & Bhargava, A. (2018). Significance of ISO/IEC 27001 in the implementation of governance, risk and compliance. International Journal of Scientific Research in Network Security and Communication, 6(2), 30-33.

 Culot, G., Nassimbeni, G., Podrecca, M., & Sartor, M. (2021). The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda. The TQM Journal, 33(7), 76-105.

 ENISA. (2024). ENISA Threat Landscape. Retrieved from https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024

 Ewuga, S. K., Egieya, Z., Omotosho, A., & Adegbite, A. (2023). ISO 27001 in banking: An evaluation of its implementation and effectiveness in enhancing information security. Finance and Accounting Research Journal, 5(12), 405-425.

 G‘ofurova Laziza, R. S. (2025). DIFFERENCES BETWEEN INFORMATION SECURITY AND CYBERSECURITY. Modern Science and Research, 4(6), 234-237.

 Humphreys, E. (2016). Implementing the ISO/IEC 27001: 2013 ISMS Standard: Artech house.

 Hyseni, V. (2025, ,). Information security in banks and financial institutions. PECB. Retrieved from https://pecb.com/en/article/information-security-in-banks-and-financial-institutions?utm_source=chatgpt.com

 ISO/IEC 27001:2022. (2022). ISO/IEC 27001:2022 - information security management systems. Retrieved from https://www.iso.org/standard/27001

 Kamil, Y., Lund, S., & Islam, M. S. (2023). Information security objectives and the output legitimacy of ISO/IEC 27001: stakeholders’ perspective on expectations in private organizations in Sweden. Information Systems and e-Business Management, 21(3), 699-722.

 Katuri, S. (2025). Cybersecurity threats in digital banking: A comprehensive analysis. IJSAT-International Journal on Science and Technology, 16(1).

 Kristian Gala , R. S., Muh. Ashary Anshar,. (2025). ANALYSIS OF THE IMPLEMENTATION OF ISO/IEC 27001:2013 STANDARDS IN PT. SULSELBAR BANK. International Journal of Multidisciplinary Research and Literature, Vol. 4, No. 4, July 2025, pp. 771-783.

 Legowo, N., & Juhartoyo, Y. (2022). Risk management; risk assessment of information technology security system at bank using ISO 27001. Journal of System and Management Sciences, 12(3), 181-199.

 Mohammed Alharbi, T. S. (2025). Cybersecurity governance and organizational resilience: A framework for sustainable risk management. EDPACS, 1-16.

 Putri, S. R. M., Bernandy, M. P., Aulia, C., Fikri, M. G. R., & Jasmine, J. (2024). Cyber Security Risk Management Practices: Insights From an ISO 27001 Certified Organization. Journal of Digital Business and Innovation Management, 3(2).

 Ryanto, K., & Tundjungsari, V. (2024). Standardization of Information Security Management in the Banking Sector using the ISO 27001: 2022 Framework. Journal La Multiapp, 5(4), 361-379.

 Sharma, N., & Dash, P. K. (2012). Effectiveness of ISO 27001, as an information security management system: an analytical study of financial aspects. Far East Journal of Psychology and Business, 9(3), 42-55.

 Styoutomo, Y. A., & Ruldeviyani, Y. (2023). Information security awareness raising strategy using fuzzy ahp method with hais-q and iso/iec 27001: 2013: A case study of xyz financial institution. CommIT (Communication and Information Technology) Journal, 17(2), 133-149.

 Von Solms, B., & Von Solms, R. (2004). The 10 deadly sins of information security management. Computers & security, 23(5), 371-376.

 Yesugad, K. D. (2024). CYBERSECURITY CHALLENGES IN THE MODERN BANKING SECTOR. IPE Journal of Management, 14, No 16, July-December 2024.

 فيلالي, & أسماء. (2021). دور المواصفة الدولية ISO/IEC 27001 في الرفع من مصداقية نظام إدارة أمن المعلومات في المؤسسة. مجلة إضافات إقتصادية, 5(1), 204-223.

 هدى محمد حسن عبد الرحمن. (2026). دور معايير الأنتوساي (INTOSAI) في تحسين جودة الأداء المالي (دراسة ميدانية على الديوان الليبي). مجلة الفاروق للعلوم , 2 (3), 16-28. ‎

 محمد, أ., & البركـي, ح. (2020). واقع تطبيق مُتطلبات نُظم إدارة أمن المعلومات المتوافقة مع المواصفة 27001: 2005 ISO بالمصارف العاملة بمدينتي بنغازي والبيضاء. مجلة الاقتصاد الدولي والعولمة, 3(2), 143-162.

Downloads

Published

2026-06-05

Issue

Vol. 11 No. 41 (2026): Comprehensive Journal of Science

Section

المقالات

License

Copyright (c) 2026 Comprehensive Journal of Science

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

How to Cite

The Impact of the Level of Compliance with the ISO/IEC 27001 Standard on Cybersecurity in Libyan Commercial Banks. (2026). Comprehensive Journal of Science, 11(41), 466-482. https://doi.org/10.65405/nh6jnz67