Strengthening Cybersecurity in U.S. Banks: The Expanding Role of Information Systems Auditors
Keywords:
Cybersecurity, Information Systems Auditing, Banking Security, Risk Assessment, Vulnerability ManagementAbstract
This research examines the evolving role of Information Systems (IS) auditors in
strengthening cybersecurity frameworks within U.S. banking institutions. As cyber
threats become increasingly sophisticated, the traditional audit functions have expanded to encompass proactive cybersecurity assessment, vulnerability detection,
and infrastructure protection. Through a mixed-methods approach incorporating
survey data from 150 IS auditors across major U.S. banks and quantitative analysis of cybersecurity incident reports from 2010-2013, this study develops a comprehensive model for evaluating cybersecurity effectiveness. The research identifies
three critical dimensions where IS auditors contribute significantly: framework assessment maturity, vulnerability detection capability, and infrastructure protection
efficacy. Results demonstrate that banks with highly integrated IS audit functions
experience 42% fewer successful cyber intrusions and 67% faster incident response
times. The proposed Cybersecurity Audit Maturity Model (CAMM) provides a
structured approach for quantifying audit effectiveness, with validation showing
strong correlation (r=0.83) between model scores and actual security outcomes.
These findings underscore the strategic importance of IS auditors in safeguarding national banking infrastructure and offer practical frameworks for enhancing
cybersecurity resilience in financial institutions.
