The impact of social engineering on cybersecurity risks in banks in the city of Riyadh in the Kingdom of Saudi Arabia

Abstract

This study aims to assess the social engineering factors that significantly affect cybersecurity risks in the banking sector in Riyadh, Saudi Arabia. The study specifically addressed the impact of these factors on employees' awareness and behaviors that may make them more vulnerable to social engineering risks. Through the use of a quinquennial Lecter scale to evaluate responses, data has been collected and analyzed to extract results related to levels of awareness, personal and social factors, and the efficiency of preventive actions in place in banks. The results showed that average awareness of social engineering among bank employees was high, with computational averages ranging from 3.94 to 4.41, indicating a good level of awareness of cyber risks and threats. The study also showed that there is an urgent need to strengthen preventive measures and develop stricter security policies within banks to address social engineering threats more effectively.
The study also addressed the importance of ongoing training and improved regulatory culture in banks as necessary steps to reduce security gaps and improve response to cyberattacks. Results suggest that improving security training and strengthening security policies can play an important role in raising awareness and ability to effectively address social engineering. The study recommends the need to invest in intensive security awareness programmes and develop training methodologies that replicate realistic scenarios of cyberattacks to enable staff to identify and respond efficiently to social engineering attempts. By applying these strategies, banks can strengthen their cyber defenses and protect their sensitive information from growing security threats in the digital age.