Cyber security Risk Management: A Theoretical Study

International Journal of Accounting and Management Sciences (IJAMS)
IJAMS Vol.5 No.1 January 2026

DOI https://www.doi.org/10.56830/IJAMS01202604

Authors

Noora A. Hassan, Esam O. Elharon, Ahmed Z. Metwally

Abstract

This paper explores the evolving landscape of cybersecurity risk management, emphasizing its critical importance for organizations handling vast amounts of sensitive data.

With cyberattacks rising dramatically—from individual-targeted threats to complex assaults on businesses and nations—managing these risks has become a top priority for experts worldwide.

The study outlines common cyber threats such as malware, ransomware, and distributed denial-of-service attacks, highlighting their severe consequences, including data loss, reputational damage, and operational disruption.

It presents a comprehensive cybersecurity risk management framework that involves five key steps: scoping the assessment; identifying risks; analyzing likelihood and impact; prioritizing and treating risks through avoidance, transfer, or mitigation; and documenting all findings in a risk register.

The paper also discusses recognized standards like ISO 27001, and prominent frameworks including NIST CSF, DoD RMF, FAIR, and the AICPA reporting framework, each providing structured approaches to identify, evaluate, and mitigate cyber risks.

The conclusion underscores the increasing complexity of cybersecurity risk management amid technological advances and regulatory pressures, particularly intensified by recent global challenges such as the COVID-19 pandemic.

Continuous risk assessment, reassessment, and monitoring are advocated as essential practices to safeguard organizational assets and ensure resilience against emerging cyber threats.


Keywords: Cybersecurity – Risk Management – COVID-19 pandemic – Information Systems.
