Strategic Risk Management in the Age of Cyber Threats: Implications for Financial Institutions

Purpose: This study sought to investigate strategic risk management in the age of cyber threats implicating financial institutions. Methodology: The study adopted a desktop research methodology. Desk research refers to secondary data or that which can be collected without fieldwork. Desk research is basically involved in collecting data from existing resources hence it is often considered a low cost technique as compared to field research, as the main cost is involved in executive’s time, telephone charges and directories. Thus, the study relied on already published studies, reports and statistics. This secondary data was easily accessed through the online journals and library. Findings: The findings revealed that there exists a contextual and methodological gap relating to the cyber threats. Preliminary empirical review revealed that financial institutions failed to effectively integrate cybersecurity into their strategic risk management frameworks. Cyber risks were often treated as IT issues rather than strategic concerns, leading to reactive responses and a lack of leadership involvement. The study emphasized the need for a shift in how institutions approach cybersecurity, making it a core part of their overall risk management and strategic planning. Unique Contribution to Theory, Practice and Policy: The study recommended integrating cybersecurity into enterprise risk management, adopting a proactive approach with real-time threat intelligence, and enhancing cross-departmental collaboration. It called for better employee training, clearer regulatory standards, and public-private partnerships. The study contributed to theory by highlighting cybersecurity as a systemic risk and offered practical steps to improve governance and resilience in financial institutions.