Purpose— This study investigates the influence of cybersecurity risk management and data protection governance on Islamic Financial Institutions (IFIs) through the lens of Maqasid Al Shariah. As IFIs accelerate digitalisation, safeguarding the ummah's financial and personal data has become both a Shariah imperative and a strategic priority. Variables examined include regulatory framework maturity, Shariah governance integration, incident management capacity, data protection mechanisms, and AI governance across five major jurisdictions. Design/methodology/approach— A qualitative comparative analysis (QCA) is employed across Malaysia, the UAE, Saudi Arabia, Indonesia, and the United Kingdom. Secondary data encompass regulatory publications (2019–2024), IFI annual reports, IFSB GN 6 (2021) standards, and global cybersecurity incident databases from IBM, IMF, and Interpol. Findings— Significant jurisdictional heterogeneity in cybersecurity maturity is revealed. Malaysia (Maqasid Alignment Score/MAS: 4.4) and the UK (MAS: 4.0) exhibit the strongest Maqasid alignment, while Indonesia (MAS: 3.1) and Saudi Arabia (MAS: 3.5) show emerging profiles. A critical universal gap is identified: no jurisdiction formally mandates Shariah Supervisory Board (SSB) engagement in technology risk governance. Research implication/limitation—The analysis is confined to five jurisdictions and qualitative comparative data. Future studies should apply quantitative methods and extend to additional markets. Results offer actionable guidance for regulators, Shariah boards, and IFI management in formulating cybersecurity strategies aligned with Islamic ethical obligations. Originality/value—This study constructs the first systematic Maqasid cybersecurity mapping matrix applicable to global IFIs, bridging classical Islamic jurisprudence and contemporary digital governance scholarship, and explicitly compared with established secular frameworks National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) 2.0, ISO/IEC 27001:2022, and Control Objectives for Information and Related Technologies (COBIT) 2019.
Copyrights © 2026