Cybersecurity in Digital Accounting Systems: Challenges and Solutions in the Arab Gulf Region

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

The introduction section effectively contextualizes the study within the digital transformation efforts of the Arab Gulf region, emphasizing national initiatives like Saudi Vision 2030. However, the transition to the specific focus on cybersecurity in digital accounting systems could be smoother, with clearer links drawn between broader digitalization and the identified cybersecurity risks. While the research question is well-articulated, the novelty and unique contribution of the study should be highlighted further, distinguishing it from existing literature. Expanding on the identified research gaps with specific examples or references could strengthen the argument. Additionally, defining key terms such as "digital accounting systems" and explicitly outlining the study's proposed framework would enhance clarity. Improving the flow between paragraphs and incorporating a compelling opening, such as a recent cybersecurity incident in the region, could engage the reader and emphasize the study's relevance.

The literature review is well-structured and provides a comprehensive overview of key cybersecurity issues within digital accounting systems in the Arab Gulf region. However, there are areas where additional depth, critical analysis, and synthesis of existing literature could enhance the scholarly contribution. First, the literature review primarily summarizes previous studies but could benefit from deeper critical analysis and comparison of different viewpoints (see Manoharan & Sarker, 2023; Michael et al., 2023). Authors should consider comparing conflicting perspectives or highlighting debates in the literature. For instance, while the Gulf countries are investing heavily in AI-driven cybersecurity, not all researchers agree on the efficacy of AI as a primary defense mechanism. Presenting these contrasting views will enhance the depth of the review. Second, the ethical accountability subsection is insightful but lacks discussion on how cultural norms influence cybersecurity practices in accounting. Authors should explore how Gulf-specific cultural factors (e.g., trust, honor, and data privacy norms) shape organizational responses to cybersecurity threats (see Asfahani, 2024). This can add a novel contribution to the literature. Third, the research gap section acknowledges the need for region-specific studies but could articulate the gap more explicitly by synthesizing multiple sources. Authors should consolidate findings from different studies to frame the gap more clearly. Highlight how existing literature fails to address the interplay between cybersecurity, ethical accountability, and regulatory frameworks in digital accounting systems (see Martins et al., 2024; Solano & Cruz, 2024). Fourth, the future directions section mentions AI and machine learning but lacks discussion on other emerging technologies like blockchain. Authors should expand the scope to include blockchain, quantum computing, or zero-trust architectures, which are increasingly being integrated into accounting systems for enhanced cybersecurity (see Han et al., 2023). Fifth, the transitions between subsections (2.3 to 2.4) could be smoother to improve readability. Authors should use linking sentences to connect subsections logically, reinforcing how each part builds upon the previous one.

The methodology section is well-structured and provides a clear overview of the research design, data collection, and analytical techniques. However, to ensure greater transparency and rigor, the following comments and suggestions are provided to enhance the clarity, replicability, and robustness of the methodology. First, while the section mentions the adoption of a quantitative research design, there is limited explanation regarding why this approach was chosen over qualitative or mixed methods. Authors should provide a more detailed justification for the selection of quantitative methods. Explain how this aligns with the research objectives, particularly when exploring cybersecurity practices and their impact on digital accounting systems. Second, the stratified random sampling method is appropriate, but there is limited explanation of the rationale behind the stratification criteria (e.g., country, sector, firm size). Therefore, authors should expand on the justification for stratified random sampling, detailing why specific strata (e.g., country or industry) were chosen and how this enhances the representativeness of the sample. Third, the methodology references pre-validated scales but does not clarify how these scales were adapted to the Gulf context. Authors should include details on how the questionnaire was localized or adapted to reflect the socio-cultural and regulatory context of the Gulf region (see Jreissat et al., 2024). Fourth, the rationale for using Partial Least Squares Structural Equation Modeling (PLS-SEM) is briefly mentioned but lacks in-depth justification for its suitability. Authors should expand on the advantages of PLS-SEM, particularly its capacity to handle complex models with smaller sample sizes, which is relevant to this study (see Hair Jr. et al., 2014).

The results section presents valuable insights and clearly outlines the findings of the study. However, to enhance clarity, transparency, and depth of interpretation, the following comments and suggestions are provided to improve the presentation and analysis of the results. First, the results are presented numerically, but there is limited interpretation of their implications in the context of the research questions. Therefore, authors should expand on the interpretation of significant findings, linking them back to the theoretical framework and literature review. Discuss how these findings align with or deviate from existing studies. Second, non-significant findings are briefly mentioned but lack sufficient discussion. Authors should provide a more in-depth analysis of non-significant results. Discuss potential reasons for these outcomes and suggest directions for future research to explore these areas further. Third, the mediation and moderation analyses are presented but lack detailed explanation of the underlying mechanisms driving these effects. Authors should provide a more comprehensive interpretation of mediation and moderation results, including real-world implications and potential theoretical contributions. Fourth, the results are not compared with similar studies in other regions, which could provide additional context and insights. Authors should include a brief comparative analysis with findings from other regions (e.g., Europe, Asia) to highlight the uniqueness or similarities of the Gulf context.

The discussion and implications section provides a solid interpretation of the results and outlines practical and policy implications effectively. However, additional depth and alignment with the research objectives and literature review could enhance the overall contribution. First, it summarizes findings but lacks explicit links to the original research objectives and hypotheses. Authors should explicitly reference the research questions and hypotheses when discussing each result. This ensures that the interpretation is directly tied to the study’s aims and reinforces the coherence between sections. Second, it underemphasizes the study’s contributions to existing theories in digital accounting and cybersecurity. Authors should elaborate on how the findings extend or challenge existing theoretical frameworks. Discuss the study’s unique contribution, particularly regarding the Gulf region’s context. Third, while practical recommendations are provided, they could benefit from more actionable insights and specificity. Authors should offer detailed, practical steps that organizations can take based on the study’s findings. Consider providing sector-specific recommendations for SMEs, large enterprises, and government entities. Fourth, the policy implications could be expanded to address broader regulatory frameworks and intergovernmental cooperation. Authors should discuss how policymakers can harmonize cybersecurity regulations across GCC countries and align with international standards. Highlight the need for regional collaboration.

Author Response

Dear Reviewer,

We sincerely thank you for your detailed and thoughtful feedback on our manuscript. Your insights have been instrumental in refining various sections of our work, and we deeply appreciate the time and effort you have invested in reviewing our paper.

We have carefully addressed each of your comments and suggestions, ensuring that the revisions enhance the clarity, depth, and scholarly contribution of the manuscript. We particularly value your recommendations for improving the interpretation of results, linking findings to research objectives, and expanding on theoretical and practical implications.

If any of our responses or revisions fall short of expectations, we assure you that this is entirely unintentional. We welcome any further guidance or clarification to ensure that the manuscript meets the highest standards.

Once again, thank you for your invaluable input and for contributing to the improvement of our work.

Warm regards,

Reviewer Comment: The introduction section effectively contextualizes the study within the digital transformation efforts of the Arab Gulf region, emphasizing national initiatives like Saudi Vision 2030. However, the transition to the specific focus on cybersecurity in digital accounting systems could be smoother, with clearer links drawn between broader digitalization and the identified cybersecurity risks. While the research question is well-articulated, the novelty and unique contribution of the study should be highlighted further, distinguishing it from existing literature. Expanding on the identified research gaps with specific examples or references could strengthen the argument. Additionally, defining key terms such as "digital accounting systems" and explicitly outlining the study's proposed framework would enhance clarity. Improving the flow between paragraphs and incorporating a compelling opening, such as a recent cybersecurity incident in the region, could engage the reader and emphasize the study's relevance.

 

Author Response:

Thank you for the detailed feedback on the introduction section. We have carefully addressed each aspect of the comment to improve the clarity, flow, and engagement of the introduction. Below are the specific actions taken:

1. Enhancing the Transition:
• The revised introduction establishes a smoother link between the broader context of digital transformation in the Gulf region and the specific cybersecurity risks associated with digital accounting systems.
• Example:

"As national initiatives like Saudi Vision 2030 drive rapid digitalization, financial data processed through advanced tools such as BI and ERP become increasingly susceptible to cyber threats like phishing, ransomware, and insider attacks, emphasizing the urgent need for robust cybersecurity frameworks."

1. Highlighting Novelty and Contribution:
• We have emphasized the study's unique contribution by addressing region-specific challenges such as regulatory inconsistencies, workforce diversity, and the influence of cultural factors on cybersecurity practices.
• Example:

"While global studies emphasize the benefits of digital accounting systems, they often overlook region-specific challenges in the Gulf, such as regulatory inconsistencies, workforce diversity, and cultural influences on data security practices. This study fills these gaps by proposing an integrated framework tailored to the unique socio-economic landscape of the GCC."

1. Expanding on Research Gaps:
• The identified gaps are elaborated upon with concrete examples, such as inconsistent enforcement of regulations and limited adoption of AI in cybersecurity.
• Example:

"For instance, while Saudi Arabia has enacted comprehensive data protection laws like the PDPL, enforcement remains inconsistent across sectors, creating vulnerabilities. Similarly, AI-based cybersecurity solutions, though promising, face adoption challenges in Qatar due to resource constraints."

1. Defining Key Terms:
• To enhance clarity, key terms like "digital accounting systems" have been defined early in the introduction.
• Example:

"Digital accounting systems refer to the integration of advanced technological tools, including BI and ERP platforms, for automating financial processes, enabling real-time analytics, and enhancing decision-making."

1. Outlining the Proposed Framework:
• A brief summary of the study's integrated framework is included in the revised introduction.
• Example:

"The study develops an integrated framework addressing technological safeguards, ethical accountability, and regulatory alignment to enhance cybersecurity resilience in digital accounting systems across the GCC."

1. Improving Flow and Engagement:
• To captivate readers, the introduction now begins with a compelling real-life example of a cybersecurity incident in the region.
• Example:

"In 2021, a significant cybersecurity breach paralyzed operations at a leading financial firm in the UAE, exposing sensitive data and highlighting vulnerabilities in digital accounting systems. Such incidents underscore the critical need for robust cybersecurity measures as the Gulf region embraces rapid digital transformation."

 

We are confident that these revisions improve the introduction by addressing all the points raised, enhancing both its coherence and relevance. Please let us know if further refinements are required.

 

 

 

 

 

Reviewer Comment: The literature review is well-structured and provides a comprehensive overview of key cybersecurity issues within digital accounting systems in the Arab Gulf region. However, there are areas where additional depth, critical analysis, and synthesis of existing literature could enhance the scholarly contribution. First, the literature review primarily summarizes previous studies but could benefit from deeper critical analysis and comparison of different viewpoints (see Manoharan & Sarker, 2023; Michael et al., 2023). Authors should consider comparing conflicting perspectives or highlighting debates in the literature. For instance, while the Gulf countries are investing heavily in AI-driven cybersecurity, not all researchers agree on the efficacy of AI as a primary defense mechanism. Presenting these contrasting views will enhance the depth of the review. Second, the ethical accountability subsection is insightful but lacks discussion on how cultural norms influence cybersecurity practices in accounting. Authors should explore how Gulf-specific cultural factors (e.g., trust, honor, and data privacy norms) shape organizational responses to cybersecurity threats (see Asfahani, 2024). This can add a novel contribution to the literature. Third, the research gap section acknowledges the need for region-specific studies but could articulate the gap more explicitly by synthesizing multiple sources. Authors should consolidate findings from different studies to frame the gap more clearly. Highlight how existing literature fails to address the interplay between cybersecurity, ethical accountability, and regulatory frameworks in digital accounting systems (see Martins et al., 2024; Solano & Cruz, 2024). Fourth, the future directions section mentions AI and machine learning but lacks discussion on other emerging technologies like blockchain. Authors should expand the scope to include blockchain, quantum computing, or zero-trust architectures, which are increasingly being integrated into accounting systems for enhanced cybersecurity (see Han et al., 2023). Fifth, the transitions between subsections (2.3 to 2.4) could be smoother to improve readability. Authors should use linking sentences to connect subsections logically, reinforcing how each part builds upon the previous one.

 

Author Response:

We appreciate the detailed and insightful comments regarding the literature review. Each point has been carefully addressed to strengthen the scholarly depth and coherence of this section. Below are the responses and corresponding revisions:

 

1. Enhancing Critical Analysis and Comparison of Viewpoints:
   To address the need for deeper critical analysis, we have incorporated a discussion comparing conflicting perspectives on the efficacy of AI-driven cybersecurity. This includes contrasting views from Manoharan & Sarker (2023) and Michael et al. (2023), where the former emphasizes the promise of AI in proactive threat management, while the latter highlights limitations such as algorithmic biases and resource intensity.

Example from the revised paper:

"While Manoharan & Sarker (2023) advocate AI's potential to revolutionize cybersecurity through real-time threat detection and anomaly analysis, Michael et al. (2023) caution against over-reliance, citing issues like algorithmic biases and the prohibitive costs of large-scale implementation. These conflicting perspectives underscore the need for balanced approaches that combine AI with traditional cybersecurity measures."

 

2. Expanding Ethical Accountability with Cultural Norms:
   We have expanded the subsection on ethical accountability to include a discussion on Gulf-specific cultural norms such as trust, honor, and data privacy practices. Drawing on Asfahani (2024), we explore how these norms influence organizational responses to cybersecurity threats.

Example from the revised paper:

"Cultural factors such as the high value placed on trust and honor in Gulf societies significantly shape organizational approaches to cybersecurity. Asfahani (2024) notes that organizations in Saudi Arabia are often hesitant to disclose breaches promptly due to concerns about reputation, reflecting the cultural emphasis on maintaining trust and honor."

 

3. Articulating Research Gaps More Explicitly:
   The research gap section has been revised to synthesize findings from Martins et al. (2024) and Solano & Cruz (2024). This revision highlights the lack of comprehensive studies examining the interplay between cybersecurity, ethical accountability, and regulatory frameworks in digital accounting systems.

Example from the revised paper:

"Despite significant advances in digital transformation, existing literature largely overlooks the interconnected role of cybersecurity, ethical accountability, and regulatory frameworks in ensuring the resilience of digital accounting systems in the Gulf. Martins et al. (2024) emphasize technical challenges, while Solano & Cruz (2024) call for greater attention to socio-cultural and ethical dimensions, leaving a critical gap in integrated frameworks."

 

4. Expanding Future Directions to Include Emerging Technologies:
   We have broadened the discussion on future directions to include blockchain, quantum computing, and zero-trust architectures. References to Han et al. (2023) are integrated to support these additions.

Example from the revised paper:

"In addition to AI and machine learning, emerging technologies such as blockchain, quantum computing, and zero-trust architectures offer transformative potential for cybersecurity in digital accounting systems. Blockchain, for instance, ensures data integrity through tamper-proof records, while zero-trust models enhance security by enforcing strict access controls and verification protocols (Han et al., 2023)."

 

5. Improving Transitions Between Subsections:
   We have added linking sentences to improve the flow between subsections, particularly between sections 2.3 and 2.4. These transitions emphasize how each part builds upon the previous one.

Example from the revised paper:

"Having established the importance of robust cybersecurity measures, the discussion now turns to the ethical dimensions of managing digital risks in the Gulf region, where cultural norms and organizational practices intersect to shape responses to cyber threats."

 

Conclusion:
These revisions ensure that the literature review not only provides a comprehensive overview but also offers critical analysis, integrates diverse perspectives, and enhances readability. We are confident these changes align with the reviewer's recommendations and elevate the scholarly quality of the paper.

 

 

Reviewer Comment: The methodology section is well-structured and provides a clear overview of the research design, data collection, and analytical techniques. However, to ensure greater transparency and rigor, the following comments and suggestions are provided to enhance the clarity, replicability, and robustness of the methodology. First, while the section mentions the adoption of a quantitative research design, there is limited explanation regarding why this approach was chosen over qualitative or mixed methods. Authors should provide a more detailed justification for the selection of quantitative methods. Explain how this aligns with the research objectives, particularly when exploring cybersecurity practices and their impact on digital accounting systems. Second, the stratified random sampling method is appropriate, but there is limited explanation of the rationale behind the stratification criteria (e.g., country, sector, firm size). Therefore, authors should expand on the justification for stratified random sampling, detailing why specific strata (e.g., country or industry) were chosen and how this enhances the representativeness of the sample. Third, the methodology references pre-validated scales but does not clarify how these scales were adapted to the Gulf context. Authors should include details on how the questionnaire was localized or adapted to reflect the socio-cultural and regulatory context of the Gulf region (see Jreissat et al., 2024). Fourth, the rationale for using Partial Least Squares Structural Equation Modeling (PLS-SEM) is briefly mentioned but lacks in-depth justification for its suitability. Authors should expand on the advantages of PLS-SEM, particularly its capacity to handle complex models with smaller sample sizes, which is relevant to this study (see Hair Jr. et al., 2014).

 

Author Response:

We appreciate the detailed feedback on the methodology section, which has guided us in enhancing its transparency and rigor. Below are the specific responses and corresponding revisions:

 

1. Justification for Quantitative Research Design:
   The methodology now includes a detailed explanation of why a quantitative approach was chosen over qualitative or mixed methods. This decision aligns with the research objectives, which require measurable insights into the impact of cybersecurity practices on digital accounting systems across a diverse and representative sample.

Example from the revised paper:

"The choice of a quantitative research design aligns with the study's objectives to systematically measure the relationships among variables such as cybersecurity practices, ethical accountability, and digital accounting system adoption. Quantitative methods allow for hypothesis testing and generalizable findings across diverse socio-economic contexts, which are critical for addressing the region-specific challenges of the Gulf Cooperation Council (GCC). While qualitative or mixed methods might provide contextual depth, the focus of this study necessitated quantifiable data to develop an integrated framework."

 

2. Rationale for Stratified Random Sampling:
   We have expanded the explanation of the stratification criteria, detailing the rationale behind selecting strata such as country, sector, and firm size. This ensures the sample is representative of the diverse socio-economic and organizational contexts in the GCC.

Example from the revised paper:

"Stratified random sampling was employed to ensure proportional representation across the GCC countries, sectors, and firm sizes. Stratification by country (e.g., UAE, Qatar, Saudi Arabia) reflects the differing levels of technological adoption and regulatory environments. Sector-based stratification captures variations in cybersecurity practices between public, private, and government organizations. Finally, firm size stratification addresses the distinct cybersecurity challenges faced by small, medium, and large enterprises. This approach enhances the representativeness of the sample and allows for more nuanced insights into the factors influencing digital accounting system adoption."

 

3. Localization and Adaptation of Pre-Validated Scales:
   We have included a detailed description of how the questionnaire was adapted to the Gulf's socio-cultural and regulatory context, referencing Jreissat et al. (2024).

Example from the revised paper:

"The pre-validated scales were adapted to reflect the socio-cultural and regulatory contexts of the Gulf region. This involved using culturally sensitive language, aligning questions with regional regulatory frameworks such as Saudi Arabia's Personal Data Protection Law (PDPL) and the UAE's Cybersecurity Strategy, and incorporating Gulf-specific examples of cybersecurity threats. Additionally, feedback from regional experts was sought to ensure the questionnaire accurately captured the unique challenges and opportunities in the GCC."

 

4. Justification for Using PLS-SEM:
   The revised methodology now provides a more detailed justification for selecting Partial Least Squares Structural Equation Modeling (PLS-SEM), emphasizing its advantages for this study.

Example from the revised paper:

"PLS-SEM was chosen for its ability to handle complex models with multiple independent, dependent, and mediating variables, which aligns with the study's aim to explore the interplay between cybersecurity practices, ethical accountability, and digital accounting system adoption. Its robustness in analyzing small to medium-sized samples makes it particularly suitable for the GCC context, where data collection can be challenging due to geographic and organizational diversity (Hair Jr. et al., 2014). Additionally, PLS-SEM accommodates non-normal data distributions and provides predictive insights, making it ideal for hypothesis testing in exploratory studies."

 

Conclusion:
The methodology section has been revised to include these justifications and enhancements, ensuring greater transparency, replicability, and robustness. These revisions address all points raised by the reviewer and strengthen the study's methodological framework.

 

 

 

Reviewer Comment: The results section presents valuable insights and clearly outlines the findings of the study. However, to enhance clarity, transparency, and depth of interpretation, the following comments and suggestions are provided to improve the presentation and analysis of the results. First, the results are presented numerically, but there is limited interpretation of their implications in the context of the research questions. Therefore, authors should expand on the interpretation of significant findings, linking them back to the theoretical framework and literature review. Discuss how these findings align with or deviate from existing studies. Second, non-significant findings are briefly mentioned but lack sufficient discussion. Authors should provide a more in-depth analysis of non-significant results. Discuss potential reasons for these outcomes and suggest directions for future research to explore these areas further. Third, the mediation and moderation analyses are presented but lack detailed explanation of the underlying mechanisms driving these effects. Authors should provide a more comprehensive interpretation of mediation and moderation results, including real-world implications and potential theoretical contributions. Fourth, the results are not compared with similar studies in other regions, which could provide additional context and insights. Authors should include a brief comparative analysis with findings from other regions (e.g., Europe, Asia) to highlight the uniqueness or similarities of the Gulf context.

 

Author Response:

We appreciate the reviewer's thoughtful comments, which have significantly guided us in enhancing the results section. Below are the specific responses and revisions:

 

1. Expanding Interpretation of Significant Findings:
   We have revised the results section to include a more detailed interpretation of significant findings, linking them back to the theoretical framework and literature review. This ensures the results are contextualized within the broader scholarly discourse and research objectives.

Example from the revised paper:

"The finding that robust cybersecurity practices significantly enhance the adoption of digital accounting systems (β = 0.45, p < 0.01) aligns with Solano & Cruz (2024), who emphasize the role of comprehensive cybersecurity frameworks in fostering trust and adoption. This underscores the importance of integrating encryption protocols and real-time monitoring as foundational elements of digital accounting systems. However, the strong mediating effect of ethical accountability suggests that technical measures alone are insufficient, highlighting the unique interplay of ethics and technology in the Gulf region."

 

2. In-Depth Analysis of Non-Significant Findings:
   The revised section provides a detailed discussion of non-significant findings, exploring potential reasons and proposing directions for future research.

Example from the revised paper:

"The non-significant relationship between perceived regulatory support and trust in digital systems (β = 0.12, p > 0.05) was unexpected, given the emphasis on regulatory frameworks in prior studies (e.g., Martins et al., 2024). This could be attributed to inconsistencies in regulatory enforcement across the GCC, as noted by Alhazmi & Daghistani (2024). Future research should investigate how harmonizing regulations might strengthen this relationship, particularly in sectors with lower compliance rates."

 

3. Detailed Explanation of Mediation and Moderation Analyses:
   We have expanded the interpretation of mediation and moderation analyses to include underlying mechanisms and real-world implications.

Example from the revised paper:

"Ethical accountability was found to mediate the relationship between cybersecurity practices and organizational trust (indirect effect = 0.18, p < 0.01), indicating that transparent breach reporting and ethical integration enhance stakeholders' confidence in digital systems. This highlights the critical role of organizational culture in translating technical measures into perceived trustworthiness. The moderation analysis revealed that regulatory support amplifies the effect of AI-driven cybersecurity on system adoption (interaction term β = 0.28, p < 0.05). This suggests that supportive legal frameworks can maximize the benefits of emerging technologies by addressing stakeholder concerns about data privacy and compliance."

 

4. Comparative Analysis with Other Regions:
   The revised results section includes a comparative analysis with findings from studies in Europe and Asia, emphasizing the uniqueness of the Gulf context.

Example from the revised paper:

"Comparing these findings with studies from Europe (e.g., Han et al., 2023) reveals that while AI adoption is similarly critical for enhancing cybersecurity, the Gulf region faces unique challenges such as workforce diversity and cultural influences on breach reporting. In contrast to Asia, where blockchain adoption in accounting is more widespread (Zhang et al., 2024), the Gulf's limited use of blockchain highlights an area for future investment and research. These comparisons underscore the need for region-specific frameworks that address the Gulf's distinct socio-cultural and regulatory landscape."

 

Conclusion:
The results section has been revised to incorporate these suggestions, ensuring a deeper interpretation, comprehensive discussion of non-significant findings, robust mediation and moderation analyses, and a comparative perspective. These revisions enhance the clarity, transparency, and scholarly contribution of the results.

 

Reviewer Comment: The discussion and implications section provides a solid interpretation of the results and outlines practical and policy implications effectively. However, additional depth and alignment with the research objectives and literature review could enhance the overall contribution. First, it summarizes findings but lacks explicit links to the original research objectives and hypotheses. Authors should explicitly reference the research questions and hypotheses when discussing each result. This ensures that the interpretation is directly tied to the study’s aims and reinforces the coherence between sections. Second, it underemphasizes the study’s contributions to existing theories in digital accounting and cybersecurity. Authors should elaborate on how the findings extend or challenge existing theoretical frameworks. Discuss the study’s unique contribution, particularly regarding the Gulf region’s context. Third, while practical recommendations are provided, they could benefit from more actionable insights and specificity. Authors should offer detailed, practical steps that organizations can take based on the study’s findings. Consider providing sector-specific recommendations for SMEs, large enterprises, and government entities. Fourth, the policy implications could be expanded to address broader regulatory frameworks and intergovernmental cooperation. Authors should discuss how policymakers can harmonize cybersecurity regulations across GCC countries and align with international standards. Highlight the need for regional collaboration.

 

Author Response:

We appreciate the reviewer’s insightful comments, which have guided significant improvements to the discussion and implications section. Below are the specific responses and corresponding revisions:

 

1. Linking Findings to Research Objectives and Hypotheses:
   We have revised the discussion to explicitly link each finding to the research objectives and hypotheses, ensuring alignment with the study’s aims and reinforcing coherence across sections.

Example from the revised paper:

"The significant positive relationship between robust cybersecurity practices and the adoption of digital accounting systems (H1) aligns with the study's objective of exploring how technical measures influence system trust and adoption. This finding supports previous research (e.g., Solano & Cruz, 2024) and underscores the need for encryption protocols and real-time monitoring to foster organizational confidence. Similarly, the mediating role of ethical accountability (H5) highlights its critical importance in enhancing the perceived legitimacy of cybersecurity strategies."

 

2. Contributions to Existing Theories in Digital Accounting and Cybersecurity:
   The discussion now elaborates on how the study’s findings extend or challenge existing theoretical frameworks, particularly in the context of the Gulf region.

Example from the revised paper:

"This study extends the theoretical framework of digital accounting adoption by integrating ethical accountability as a mediating factor, emphasizing the interplay between technical measures and cultural norms. Unlike traditional cybersecurity models that focus solely on technical resilience (e.g., Hair Jr. et al., 2014), this study highlights the socio-cultural dimensions unique to the Gulf region, such as the influence of trust and honor on breach disclosure practices. This contributes to a more holistic understanding of cybersecurity in digital accounting systems."

 

3. Providing Sector-Specific Practical Recommendations:
   The practical recommendations have been expanded to include actionable insights tailored to SMEs, large enterprises, and government entities.

Example from the revised paper:

"SMEs should prioritize cost-effective cybersecurity measures, such as adopting multi-factor authentication and cloud-based solutions with built-in security features. Large enterprises should invest in AI-driven threat detection and employee training programs to enhance their cybersecurity resilience. Government entities should establish centralized cybersecurity frameworks, offering guidelines and support for private sector compliance. For example, sector-specific training programs tailored to workforce diversity can address skill gaps, especially in industries heavily reliant on expatriate labor."

 

4. Expanding Policy Implications for Broader Regulatory Frameworks:
   We have expanded the policy implications to emphasize regional collaboration and alignment with international standards.

Example from the revised paper:

"Policymakers across GCC countries should prioritize harmonizing cybersecurity regulations to create a unified framework that aligns with global standards such as GDPR. Collaborative efforts, such as intergovernmental task forces and shared cybersecurity infrastructure, can enhance the region's resilience against cross-border threats. For instance, establishing a GCC-wide cybersecurity certification program could standardize compliance requirements and reduce regulatory fragmentation. Such initiatives would not only strengthen trust in digital systems but also position the Gulf as a global leader in secure digital transformation."

 

Conclusion:
The discussion and implications section has been revised to include explicit links to research objectives, contributions to theoretical frameworks, detailed practical recommendations, and expanded policy implications. These enhancements align with the reviewer’s suggestions and significantly strengthen the overall impact of the study.

Reviewer 2 Report

Comments and Suggestions for Authors

While existing research primarily focuses on the benefits of digital accounting systems, insights into the specific cybersecurity challenges faced by the Gulf region remain limited. In this context, the study is deemed to offer distinctive implications that set it apart from prior research.

However, as the research subjects are from diverse institutions, including public, private, and governmental organizations, the importance and significance of the variables of interest (robust cybersecurity practices (CSP), AI-driven cybersecurity technologies (AICS), and ethical accountability (EA)) are expected to vary significantly across these sectors. Conducting additional analyses by organization type to derive sector-specific conclusions and implications would enhance the study's practical contributions.

And further strengthen the instrumental validity of the measurement for Ethical Accountability (EA) by referencing additional supporting literature.

That's all.

Author Response

Dear Reviewer,

We sincerely thank you for your insightful and constructive feedback on our manuscript. Your comments have provided valuable guidance to further refine and enhance the quality of our work. We deeply appreciate your time and effort in reviewing our study and offering thoughtful suggestions to improve its rigor and relevance.

Below, we outline our responses to your specific comments and the corresponding revisions made to the manuscript. If any of our responses fall short of addressing your concerns, we assure you this is entirely unintentional, and we welcome further clarification or suggestions to ensure the manuscript meets the highest standards.

 

Reviewer Comment: As the research subjects are from diverse institutions, including public, private, and governmental organizations, the importance and significance of the variables of interest (robust cybersecurity practices (CSP), AI-driven cybersecurity technologies (AICS), and ethical accountability (EA)) are expected to vary significantly across these sectors. Conducting additional analyses by organization type to derive sector-specific conclusions and implications would enhance the study's practical contributions. Furthermore, the instrumental validity of the measurement for Ethical Accountability (EA) could be strengthened by referencing additional supporting literature.

 

Author Response:

We sincerely appreciate your thoughtful comments and constructive suggestions. Below, we outline the revisions made to address each point:

 

1. Sector-Specific Analysis of Variables:
   In response to the suggestion for sector-specific analyses, we have conducted additional subgroup analyses based on organization type (public, private, and governmental sectors). These analyses provide a more nuanced understanding of how the variables of interest—CSP, AICS, and EA—impact different sectors. This enhancement allows us to tailor our practical recommendations more effectively.

Example from the revised paper:

"The analysis reveals that CSP plays a critical role in governmental organizations due to stricter regulatory compliance requirements, while AICS is more prominent in the private sector, driven by competitive pressures for technological innovation. Ethical Accountability (EA), on the other hand, has a consistent influence across all sectors but is particularly significant in public organizations, where transparency and trust are paramount."

These findings are incorporated into the practical implications section, ensuring that sector-specific conclusions enhance the study’s relevance and utility.

 

2. Strengthening the Instrumental Validity of Ethical Accountability (EA):
   To reinforce the validity of the measurement for EA, we have incorporated additional supporting literature that aligns with the construct’s definition and operationalization. Key references include studies highlighting the role of EA in cybersecurity practices and its socio-cultural dimensions, particularly within the context of the Gulf region (e.g., Oyekunle et al., 2024; Asfahani, 2024).

Example from the revised paper:

"Ethical Accountability (EA) captures the integration of transparency, ethical integration in policies, and accountability mechanisms. This construct aligns with findings from Oyekunle et al. (2024), who emphasize its role in fostering stakeholder trust in digital ecosystems, and Asfahani (2024), who highlights its socio-cultural significance in Gulf societies."

We have also included additional statistical validation for EA in the measurement model section to ensure robustness.

 

Conclusion:
We have made the suggested revisions, including sector-specific analyses and strengthened instrumental validity for EA, which we believe significantly enhance the practical contributions and methodological rigor of the study. If further refinement is needed, we welcome additional guidance to ensure the manuscript meets the highest standards.

Thank you once again for your valuable feedback.

 

Reviewer 3 Report

Comments and Suggestions for Authors

 

The introduction, while relevant and timely, lacks a clear conceptual framework and does not sufficiently elaborate on the key constructs such as ethical accountability and emerging technologies, leaving their roles in the study somewhat ambiguous. The introduction only briefly mentioned cybersecurity challenges in the Gulf region without providing the appropriate context or examples to make clear the socio and economic factors that are at the heart of the regulatory system. A task for the researcher could be to get a more in-depth review of the existing literature, a clearer definition of why I use some kind of direction to the research, and a brief description of the research methodology. The study's wide scope might also present a challenge, as it may result in a loss of focus, and the absence of hypotheses does not make the research's trajectory distinguishable.

The literature review, although in-depth, suffers from a number of drawbacks. Firstly, it concentrates mostly on the universal upsides of digital transformation and the necessity for a good cybersecurity structure without giving concrete examples of the Gulf region’s special regulatory and socio-economic context. It does not cover the regional differences in cybersecurity practices or goes too deep into the difficulties that the firms encounter in the UAE, Saudi Arabia, and Qatar while implementing these systems. Besides, the review discusses emerging technologies such as AI and machine learning but does not mention the challenges of the former or the ethical matters which might arise due to excessive reliance on these technologies in a multinational workplace. The part on ethical responsibilities is somewhat lacking in substance and through touching aspies like cultural dynamics and the local traditions of cybersecurity gets to the ethical and moral issues. Apart from supportive hypothesis statements, no information is given about the methodologies that will be used for testing these hypotheses which signifies a gap between the literature and the research design. 

The method of the study is generally properly arranged, whereby it applies a quantitative variant with the help of SEM technology and SmartPLS to the investigation of the relationships between cybersecurity practices, organizational factors, and the use of digital accounting systems in the GCC region. While the error of the method may be in the form of large sample investigation and a sparse stratified random which is the course of the imbalance in the data, there are some problematic points. These are the following: geographical location limitedness (even the less popular GCC countries are underrepresented), lack of theoretical model for some crucial constructs such as ethical accountability and AI in cybersecurity, and spreading the information in the context of the study. Furthermore, the span of the data collection process is relatively reduced, and the existence of potential response bias is another issue due to the online distribution way. Elaborating on the concepts, improving the balance of geographical locations, and sustaining its theoretical foundation would make the overall methodology stronger and add to the main results of the study.ctionality in the Gulf context.

Comments on the Quality of English Language

The article's writing formatting is a way to break, using short, comprehensible sentences, be correct in the schematic use of punctuation marks so as not to create ambiguity, and not being too repetitive in themes and words are the suggestions to improve the document. Apart from that, focussing on the usage of exact and forceful verbs, rendering complicated sentences into simpler ones, and prioritizing the logical sentence order will make the explanations clearer. What is more, the introduction of formal and academic language, especially in the parts where research questions and exact information are given, is the most important to be able to link writing to the academic and technical style of the article. These suggested changes will make the transition in the paper more seamless and therefore, the content will be easier to grasp.

Author Response

Dear Reviewer,

We sincerely thank you for your thoughtful and detailed feedback on our manuscript. Your comments have provided invaluable insights and suggestions that have guided us in refining and enhancing the clarity and focus of the introduction and overall study. We deeply appreciate the time and effort you have devoted to reviewing our work.

Below, we provide detailed responses to your specific comments and outline the corresponding revisions made to the manuscript. If any of our responses or revisions fall short of expectations, we assure you this is unintentional, and we welcome further guidance to ensure the manuscript meets the highest standards.

 

Reviewer Comment:
The introduction, while relevant and timely, lacks a clear conceptual framework and does not sufficiently elaborate on the key constructs such as ethical accountability and emerging technologies, leaving their roles in the study somewhat ambiguous. The introduction only briefly mentioned cybersecurity challenges in the Gulf region without providing the appropriate context or examples to make clear the socio-economic factors that are at the heart of the regulatory system. A task for the researcher could be to get a more in-depth review of the existing literature, a clearer definition of why I use some kind of direction to the research, and a brief description of the research methodology. The study's wide scope might also present a challenge, as it may result in a loss of focus, and the absence of hypotheses does not make the research's trajectory distinguishable.

 

Author Response:

Thank you for your constructive feedback, which highlights several areas for improvement. We have carefully addressed each comment as follows:

 

1. Clarifying the Conceptual Framework and Key Constructs:
   We have revised the introduction to include a clear conceptual framework, elaborating on the key constructs such as ethical accountability and emerging technologies. This ensures their roles in the study are well-defined and aligned with the research objectives.

Example from the revised paper:

"The conceptual framework integrates three critical dimensions: robust cybersecurity practices (CSP), ethical accountability (EA), and emerging technologies (e.g., AI-driven cybersecurity). CSP serves as the technical foundation, while EA acts as a mediator fostering trust and legitimacy. Emerging technologies enhance the effectiveness of CSP but require supportive regulatory frameworks to address potential risks. This framework contextualizes the study within the socio-economic and regulatory landscape of the Gulf region."

 

2. Providing Context for Cybersecurity Challenges in the Gulf Region:
   The introduction now includes detailed context and examples of cybersecurity challenges, emphasizing the socio-economic factors that influence the region's regulatory environment.

Example from the revised paper:

"The Gulf region faces unique cybersecurity challenges shaped by its rapid digital transformation, economic reliance on oil revenues, and diverse workforce. For instance, regulatory enforcement often varies across sectors, as seen in Saudi Arabia's uneven application of the Personal Data Protection Law (PDPL), which impacts the adoption of uniform cybersecurity measures (Alhazmi & Daghistani, 2024). Similarly, cultural norms such as trust and honor influence breach disclosure practices, creating additional complexities."

 

3. In-Depth Review of Existing Literature:
   We have expanded the literature review in the introduction to provide a more comprehensive foundation for the study. This includes recent studies on cybersecurity, regulatory challenges, and the role of emerging technologies in digital accounting systems.

Example from the revised paper:

"Recent studies highlight the critical role of AI-driven threat detection in mitigating risks (Manoharan & Sarker, 2023), but its adoption remains limited in the Gulf due to resource constraints and regulatory ambiguities. Additionally, ethical accountability has been identified as a key factor in maintaining stakeholder trust in digital systems, particularly in culturally sensitive regions (Asfahani, 2024)."

 

4. Brief Description of Research Methodology:
   To improve transparency, we have included a concise overview of the research methodology in the introduction.

Example from the revised paper:

"This study employs a quantitative research design, using Partial Least Squares Structural Equation Modeling (PLS-SEM) to analyze data from a stratified random sample of 324 professionals across the GCC. This approach allows for hypothesis testing and the exploration of complex relationships among variables such as CSP, EA, and emerging technologies."

 

5. Addressing the Scope and Focus of the Study:
   To prevent a loss of focus, we have refined the scope of the study and emphasized the research trajectory by explicitly stating the hypotheses in the introduction.

Example from the revised paper:

"The study is guided by the following hypotheses: H1: Robust cybersecurity practices positively influence the adoption of digital accounting systems. H2: Ethical accountability mediates the relationship between cybersecurity practices and organizational trust. H3: Emerging technologies enhance cybersecurity effectiveness but require supportive regulatory frameworks."

 

Conclusion:
We have made substantial revisions to address the reviewer’s concerns, including clarifying the conceptual framework, providing socio-economic context, expanding the literature review, including a brief methodology overview, and defining the study’s hypotheses. These changes ensure the introduction is focused, coherent, and aligned with the research objectives.

Once again, we are grateful for your valuable feedback and welcome further suggestions to improve the manuscript further.

 

Reviewer Comment:
The literature review, although in-depth, suffers from a number of drawbacks. Firstly, it concentrates mostly on the universal upsides of digital transformation and the necessity for a good cybersecurity structure without giving concrete examples of the Gulf region’s special regulatory and socio-economic context. It does not cover the regional differences in cybersecurity practices or goes too deep into the difficulties that the firms encounter in the UAE, Saudi Arabia, and Qatar while implementing these systems. Besides, the review discusses emerging technologies such as AI and machine learning but does not mention the challenges of the former or the ethical matters which might arise due to excessive reliance on these technologies in a multinational workplace. The part on ethical responsibilities is somewhat lacking in substance and through touching aspies like cultural dynamics and the local traditions of cybersecurity gets to the ethical and moral issues. Apart from supportive hypothesis statements, no information is given about the methodologies that will be used for testing these hypotheses which signifies a gap between the literature and the research design.

 

Author Response:

We appreciate your comprehensive feedback, which has helped us identify specific areas for improvement. Below are the revisions made to address your comments:

 

1. Including Concrete Examples from the Gulf Region:
   We have revised the literature review to include detailed examples of the Gulf region’s regulatory and socio-economic context, emphasizing regional differences in cybersecurity practices and challenges faced by firms in the UAE, Saudi Arabia, and Qatar.

Example from the revised paper:

"In Saudi Arabia, the enforcement of the Personal Data Protection Law (PDPL) is often inconsistent across sectors, which hinders uniform adoption of cybersecurity measures (Alhazmi & Daghistani, 2024). Similarly, Qatar’s National Cybersecurity Strategy has made progress in government sectors but struggles to achieve widespread implementation in private firms due to resource constraints (Rawindaran et al., 2023). By contrast, the UAE's Cybersecurity Strategy mandates strong compliance mechanisms, making it a regional leader in adopting AI-driven threat detection systems (Badran, 2023)."

 

2. Discussing Challenges of Emerging Technologies and Ethical Matters:
   The section on emerging technologies has been expanded to include a discussion of challenges associated with AI and machine learning, as well as the ethical concerns they may raise in multinational workplaces.

Example from the revised paper:

"While AI-driven technologies significantly enhance threat detection and response times, they also pose challenges such as algorithmic biases and the high costs of implementation (Michael et al., 2023). Moreover, excessive reliance on AI in culturally diverse workplaces can lead to ethical dilemmas, such as decisions being made without human oversight or the lack of accountability in cases of data breaches (Asfahani, 2024). Addressing these issues requires the integration of robust ethical accountability frameworks into organizational policies."

 

3. Expanding the Section on Ethical Responsibilities:
   The subsection on ethical responsibilities has been enriched with discussions of cultural dynamics and local traditions that influence cybersecurity practices in the Gulf region.

Example from the revised paper:

"Cultural norms in the Gulf, such as the emphasis on trust and honor, shape the ethical dimensions of cybersecurity practices. For instance, firms in Saudi Arabia may delay breach disclosures to preserve reputation, reflecting a cultural preference for discretion (Asfahani, 2024). These dynamics highlight the need for ethical accountability measures that balance transparency with cultural sensitivities."

 

4. Bridging the Gap Between Literature and Research Design:
   We have addressed the gap between the literature review and research design by including an overview of the methodologies used to test the hypotheses.

Example from the revised paper:

"To test the hypotheses, this study employs a quantitative research design using Partial Least Squares Structural Equation Modeling (PLS-SEM). This method is particularly suited for exploring the relationships among variables such as cybersecurity practices, ethical accountability, and emerging technologies in a diverse regional context."

 

Conclusion:
We have revised the literature review to incorporate regional examples, address challenges of emerging technologies, enrich the discussion on ethical responsibilities, and connect the literature to the research design. These enhancements ensure the literature review provides a strong foundation for the study.

Thank you once again for your valuable feedback. We welcome any additional suggestions to further improve the manuscript.

 

Reviewer Comment:
The method of the study is generally properly arranged, whereby it applies a quantitative variant with the help of SEM technology and SmartPLS to the investigation of the relationships between cybersecurity practices, organizational factors, and the use of digital accounting systems in the GCC region. While the error of the method may be in the form of large sample investigation and a sparse stratified random which is the course of the imbalance in the data, there are some problematic points. These are the following: geographical location limitedness (even the less popular GCC countries are underrepresented), lack of theoretical model for some crucial constructs such as ethical accountability and AI in cybersecurity, and spreading the information in the context of the study. Furthermore, the span of the data collection process is relatively reduced, and the existence of potential response bias is another issue due to the online distribution way. Elaborating on the concepts, improving the balance of geographical locations, and sustaining its theoretical foundation would make the overall methodology stronger and add to the main results of the study.

 

Author Response:

We appreciate your thoughtful observations and have made the following revisions to address the identified issues:

 

1. Addressing Geographical Location Imbalance:
   We recognize the importance of achieving a balanced representation of all GCC countries in the dataset. To address this, we have provided a detailed explanation of the sampling strategy and the steps taken to minimize geographical imbalance.

Example from the revised paper:

"While the sample predominantly includes respondents from the UAE, Saudi Arabia, and Qatar due to their economic prominence, efforts were made to ensure representation from less prominent GCC countries (e.g., Oman, Bahrain, Kuwait) through targeted outreach to regional professional networks. Future studies should consider proportional sampling to achieve a more balanced representation."

We also acknowledge this limitation in the discussion section and emphasize the need for future research to address it.

 

2. Developing Theoretical Models for Ethical Accountability and AI in Cybersecurity:
   We have expanded the methodology section to include theoretical models for ethical accountability and AI in cybersecurity, linking these constructs to existing literature and the study's conceptual framework.

Example from the revised paper:

"The theoretical model for Ethical Accountability (EA) integrates elements of transparency, ethical integration, and accountability mechanisms, drawing on Asfahani (2024) and Oyekunle et al. (2024). For AI in cybersecurity, the model is grounded in Manoharan & Sarker's (2023) framework, emphasizing real-time threat detection, anomaly identification, and ethical concerns in automation. These models provide a robust foundation for hypothesis testing and ensure conceptual alignment with the study's objectives."

 

3. Mitigating Response Bias and Addressing the Reduced Data Collection Span:
   To minimize response bias arising from online distribution, we have included a description of the measures implemented, such as randomized survey distribution and follow-up reminders to increase participation diversity.

Example from the revised paper:

"Potential response bias due to online distribution was mitigated by employing randomized sampling techniques and leveraging multiple digital platforms, including professional networks and industry associations, to reach a diverse audience. Additionally, targeted follow-up reminders were sent during the six-month data collection period to enhance response rates and representativeness."

We also acknowledge the reduced data collection span as a limitation and suggest extending the timeframe for future studies to improve data robustness.

 

4. Enhancing the Theoretical Foundation:
   To strengthen the theoretical foundation of the study, we have elaborated on the linkages between constructs and their relevance to the Gulf context.

Example from the revised paper:

"The theoretical foundation integrates elements of socio-cultural influences on cybersecurity, emphasizing the unique interplay of regional regulations, organizational practices, and cultural norms in the GCC. This approach ensures the study's findings are not only empirically grounded but also contextually relevant to the Gulf region's distinctive digital transformation journey."

 

Conclusion:
These revisions address the reviewer's concerns by elaborating on key constructs, improving geographical representation, mitigating potential response bias, and reinforcing the theoretical foundation of the study. We believe these changes significantly enhance the methodological rigor and relevance of the manuscript.

Thank you once again for your valuable feedback. We welcome any further suggestions to ensure the study meets the highest standards.

 

 

Reviewer Comment:
The article's writing formatting is a way to break, using short, comprehensible sentences, be correct in the schematic use of punctuation marks so as not to create ambiguity, and not being too repetitive in themes and words are the suggestions to improve the document. Apart from that, focussing on the usage of exact and forceful verbs, rendering complicated sentences into simpler ones, and prioritizing the logical sentence order will make the explanations clearer. What is more, the introduction of formal and academic language, especially in the parts where research questions and exact information are given, is the most important to be able to link writing to the academic and technical style of the article. These suggested changes will make the transition in the paper more seamless and therefore, the content will be easier to grasp.

 

Author Response:

We are grateful for your constructive comments, which have significantly contributed to improving the manuscript’s overall readability and academic tone. Below are the steps we have taken to address your feedback:

 

1. Improving Sentence Structure and Reducing Ambiguity:
   To enhance readability, we have revised the text to use shorter, more comprehensible sentences and precise punctuation. Ambiguous phrases and overly complex sentences have been simplified for clarity.

Example from the revised paper:

Original: "Cybersecurity challenges are a significant barrier to the adoption of digital accounting systems, where organizations often lack the technological and regulatory capacity to handle these issues effectively."
Revised: "Cybersecurity challenges hinder the adoption of digital accounting systems. Many organizations lack the technology and regulations needed to address these issues."

 

2. Avoiding Repetition in Themes and Words:
   We have revised repetitive phrases and consolidated overlapping discussions to streamline the text. Synonyms and varied sentence structures were employed to maintain reader engagement.

Example from the revised paper:

Original: "Ethical accountability is critical for trust. Without ethical accountability, organizations struggle to build trust among stakeholders."
Revised: "Ethical accountability is essential for building stakeholder trust. Its absence undermines organizational credibility."

 

3. Focusing on Forceful Verbs and Logical Sentence Order:
   To improve the impact of the writing, forceful verbs have been used, and sentences have been restructured to follow a logical order.

Example from the revised paper:

Original: "The study attempts to demonstrate how cybersecurity and ethical accountability play a role in digital accounting systems."
Revised: "The study demonstrates the role of cybersecurity and ethical accountability in digital accounting systems."

 

4. Enhancing Academic and Formal Language:
   We have revised sections, particularly those containing research questions and technical details, to align with an academic tone. Informal expressions have been replaced with formal language, ensuring consistency with the scholarly style of the manuscript.

Example from the revised paper:

Original: "This study looks into how AI and ethical accountability matter when using digital accounting systems."
Revised: "This study examines the significance of AI and ethical accountability in the adoption of digital accounting systems."

 

5. Seamless Transitions and Logical Flow:
   Transitions between sections and paragraphs have been revised to improve coherence. Linking sentences have been added where necessary to guide readers through the arguments seamlessly.

Example from the revised paper:

Added transition: "Having explored the technological challenges, the discussion now shifts to ethical considerations, particularly the role of accountability in shaping cybersecurity strategies."

 

Conclusion:
The manuscript has been thoroughly revised to address your comments. Changes include improving sentence structure, reducing repetition, using precise verbs, enhancing formal language, and ensuring seamless transitions. These improvements aim to make the document clearer, more engaging, and aligned with academic standards.

We thank you again for your valuable feedback and welcome any further suggestions to refine the manuscript further.

Round 2

Reviewer 1 Report

Comments and Suggestions for Authors

Upon careful review of the revised manuscript, I am delighted to confirm that the modifications align with the recommendations previously outlined. Specifically, the revised introduction now offers a smoother transition from the regional digital transformation initiatives to the specific focus on cybersecurity in digital accounting systems. The addition of a recent cybersecurity incident effectively enhances engagement and contextualizes the study's relevance. Further, the literature review now incorporates deeper critical analysis and synthesis of key studies, as recommended. The expanded discussion on cultural norms influencing cybersecurity practices and the inclusion of debates on emerging technologies such as blockchain have significantly enriched the scholarly contribution. Your detailed justification for adopting a quantitative research design and PLS-SEM is clear and well-argued. The additional explanations regarding the stratified random sampling criteria and the adaptation of measurement scales to the Gulf context add rigor and transparency to your methodological approach. The expanded interpretation of findings, including the implications of significant and non-significant results, demonstrates a strong linkage to the theoretical framework and prior literature. Your inclusion of comparative analyses with other regions provides valuable context and highlights the uniqueness of the Gulf region. The enhanced discussion on sector-specific recommendations and the broader regulatory and intergovernmental frameworks presents actionable insights for stakeholders. This aligns well with the study's objectives.

I appreciate your efforts in addressing each of the comments comprehensively and with academic rigor. The manuscript demonstrates significant improvement in clarity, coherence, and contribution to the field of cybersecurity in digital accounting systems within the Gulf region. I look forward to seeing the final version of this important work published, as it offers valuable insights for policymakers, practitioners, and researchers.

Reviewer 3 Report

Comments and Suggestions for Authors

The previously mentioned items were carried out by the authors and are approved.