The digital transformation in the banking sector has driven a shift in operations, including the establishment of digital branches that rely on information technology to deliver services to customers. However, the increased use of technology brings significant information security risks, particularly those stemming from human factors. This study aims to evaluate the level of cybersecurity awareness among frontliners at Bank XYZ’s digital branch using the ISO/IEC 27002:2022 framework and to develop training recommendations based on NIST SP 800-50. The research was conducted using both quantitative and qualitative methods, involving questionnaires and observations of 36 frontliners. The evaluation results revealed that several controls, particularly Response to Information Security Incidents (ID 5.26), still showed low levels of understanding (60%), indicating the need for training intervention. Training recommendations were designed based on the Cybersecurity and Privacy Learning Program (CPLP) principles from NIST SP 800-50, which include visual approaches, role-based training, and digital learning media. The implementation of these recommendations for one of the controls showed a significant improvement in post-test scores (average ≥ 93), exceeding the 85% threshold. This indicates that the CPLP-based approach is effective in enhancing frontliners’ cybersecurity awareness. This research is expected to serve as a reference for other banks in developing adaptive information security training strategies aligned with international standards.
Copyrights © 2025