Next Article in Journal
Unpacking the Entrepreneurship Education Conundrum: Lecturer Competency, Curriculum, and Pedagogy
Next Article in Special Issue
Smart Practices in Modern Dairy Farming in Bangladesh: Integrating Technological Transformations for Sustainable Responsibility
Previous Article in Journal
Measuring the Nexus Between Information Literacy, Creativity, and Lifelong Learning in Media Professionals
Previous Article in Special Issue
Toward Sustainable Performance in the Hotel Food Supply Chain: Influences of Quality Management Practices and Digital Integration
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Administrative Sciences
Volume 15
Issue 1
10.3390/admsci15010001
admsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Cybersecurity Practices and Supply Chain Performance: The Case of Jordanian Banks

by
Saleh Fahed Al-Khatib
1,*,
Yara Yousef Ibrahim
1 and
Mohammad Alnadi
2
1
Business Administration Department, Faculty of Business, Yarmouk University, Irbid 21163, Jordan
2
Department of Business Administration, Faculty of Business, Philadelphia University, Amman 19392, Jordan
*
Author to whom correspondence should be addressed.
Adm. Sci. 2025, 15(1), 1; https://doi.org/10.3390/admsci15010001
Submission received: 18 October 2024 / Revised: 16 December 2024 / Accepted: 19 December 2024 / Published: 24 December 2024
(This article belongs to the Special Issue Supply Chain in the New Business Environment)
Browse Figures
Versions Notes

Abstract

:
This study explores the impact of cybersecurity practices on supply chain performance in the Jordanian banking sector. A survey was used to obtain data from managers and customers. Data from 40 managers’ and 250 digital banking customers’ surveys were collected, of which 220 were valid to be analyzed using IBM SPSS V26 and PLS-SEM V4; 30 responses were excluded due to invalidity issues such as zero standard deviation and outliers identified using Cook’s distance. This study empirically demonstrates the significant positive impact of cybersecurity practices on Jordanian banking supply chain performance. Specifically, the confidentiality, integrity, and availability dimensions strongly correlate with the banks’ supply chain performance. The results indicate that managers have a high degree of cybersecurity awareness and implementation, emphasizing the significance of regular cybersecurity practice training and discussions. Customers desired improved communication and explanation on cybersecurity issues from their banks despite being generally satisfied with cybersecurity. This study’s significant contribution lies in identifying the actual levels of cybersecurity practices and supply chain performance in the Jordanian banking sector and their interaction from both managers’ and customers’ perspectives. Future investigations into the long-term impacts of cybersecurity investments and the comparative examination of cybersecurity methods across other sectors or locations would benefit greatly from this research’s insightful findings. Practically, the results highlight the value of investing in cutting-edge cybersecurity measures, training staff, and effectively explaining procedures and protocols to clients. All of these measures together improve efficiency, trust, and collaboration throughout the banking supply chain.

1. Introduction

In the digital age, cybersecurity is a critical issue for all sectors as increasing reliance on technology exposes us to cyber threats and attacks. Cyberattacks have become more advanced and persistent, targeting physical, technical, and administrative security systems. Cyberattacks can take many forms, including viruses, worms, Trojan horses, ransomware, denial-of-service attacks, and phishing schemes. These attacks can have severe consequences, such as monetary loss, reputational harm, and sensitive information compromised. The cyberattack theory (CAT) identifies the targeted information that attackers seek to obtain or alter to cause damage. Conventional security systems are no longer sufficient because cybercriminals continually evolve their tactics. The International Telecommunication Union (ITU) defines cybersecurity as a comprehensive set of tools, policies, and best practices that protect the cyber environment, organization, and user assets (ITU, 2023). It aims to maintain security and safeguard against risks in the digital world. Cybersecurity practices protect valuable data and systems, help firms avoid legal penalties, and maintain customer and employee trust. Consequently, organizations have focused on increasing security measures to protect their data and gain customer trust.
Cybersecurity practices are revolutionary and futuristic, with current studies demonstrating their importance in data, networks, and business analysis sciences. The significance of cybersecurity measures lies in their ability to enhance security and respond to cyberattacks. Although cybersecurity can provide a competitive advantage for organizations, various cybersecurity risks can negatively impact supply chain flexibility and customer satisfaction with a product or service quality. Leading firms worldwide are adopting or moving towards adopting these practices. Any disruption in cybersecurity can have a disastrous impact on manufacturing firms because of their revenue-risky nature. While the manufacturing sector is vital, cybersecurity practices are equally important in the digital service industry.
The banking industry faces both new opportunities and difficulties as a result of digital banking. Due to the sensitive nature of financial transactions in digital banking, the literature has shown that cybersecurity breaches can cause monetary losses, damage to a bank’s reputation, and legal repercussions. These effects are especially severe in the banking sector (Saeed & Donkoh, 2024). Also, some research like Cele and Kwenda (2024) illustrates that digital banking increases the attack surface, leaving banks more susceptible to ransomware and phishing attacks. Inadequate authentication procedures, insider threats, and insufficient encryption are among the crucial risks associated with cybersecurity mentioned in the literature (Wang et al., 2024). For example, in 2019, the Capital One data breach affected about 6 million Canadian citizens and 100 million US citizens were vulnerable to firewall misconfiguration and unauthorized access to their cloud-based servers (Novaes Neto et al., 2020). Despite these risks, research is scarce about how banks in developing countries handle these issues and how they affect supply chain efficiency.
The shift toward digital banking creates new opportunities and threats for banks, but recent advancements in digital banking have yet to receive adequate attention. The banking sector, especially in developing countries, faces several cyber challenges and needs more research on the impact of cybersecurity practices. The literature on cybersecurity is emerging and theoretical, highlighting the strategic role of these practices. For example, very few practical studies have investigated the role of cybersecurity practices in banking supply chain performance. This gap leads to the main research question: how do cybersecurity practices impact supply chain performance in the Jordanian banking sector? This knowledge gap can be a significant risk factor for banks interested in cybersecurity practices and their impact on their supply chain performance. This study explores cybersecurity practices, supply chain performance in the Jordanian banking sector, and their key features, levels, and interactions.

2. Theoretical Framework

The term “cyber” refers to anything related to computers or computer networks, including the Internet, whereas “security” refers to protection from potential harm caused by others by limiting their freedom to act. As the digital landscape continues to evolve, the importance of cybersecurity continues to grow, making it an essential aspect of modern life.

2.1. Cybersecurity Practices

Cybersecurity safeguards electronic communication networks and virtual reality (cyberspace) from unauthorized access, use, disclosure, disruption, modification, or destruction. This definition involves a combination of technical, administrative, and physical measures to prevent cyberattacks and to protect sensitive information. As the digital landscape continues to evolve, the importance of cybersecurity will continue to grow. With increasing reliance on technology and the Internet, cybersecurity has become essential to modern life, especially in the banking and financial sectors. Table 1 summarizes the definitions of cybersecurity and its main dimensions.
Cybersecurity is defined as the protection of software, tools, and equipment to protect the privacy and integrity of information from various threats. With the rise of the 4.0 and 5.0 industrial revolutions, cybersecurity has become crucial for individuals, families, businesses, governments, and educational institutions. Therefore, it is essential to protect against online fraud. Cybersecurity breaches range from minor to significant consequences, such as data theft, DDoS attacks, data manipulation, and even control system takeover, resulting in physical harm. Cybersecurity is essential for securing financial information that can impact personal financial status. The widespread use of computer systems, networks, and mobile devices has increased cybersecurity risks. Cybersecurity protects personal information, intellectual property, systems, and data from unauthorized access and damage. Information security and cybersecurity share the common goal of ensuring data confidentiality, integrity, and availability. Confidentiality is a crucial aspect of cybersecurity, and it involves ensuring that only authorized individuals can access data. User IDs, passwords, policy-based security, and access control lists (ACLs) are examples of the methods used to maintain confidentiality. However, these methods are vulnerable to cyberattacks if the underlying system is insecure.
Cybersecurity/confidentiality: Confidentiality ensures that only trusted individuals can access information, which is essential for maintaining the trustworthiness of information. Confidentiality is crucial in the digital age, as it ensures that data are protected and only accessible to trusted individuals (Al-Sarhan & Al-Mashaqbeh, 2020). According to Khidzir et al. (2018), confidentiality involves restrictions on using and storing various data types. Samonas and Coss (2014) defined confidentiality as the ability to trust or rely on information. To protect against unauthorized access and disclosure, organizations must implement measures such as secure communication channels, access controls, and data encryption. Confidentiality protects sensitive information such as financial and personal data, intellectual property, and unauthorized access. Confidentiality is a critical component of information security, ensuring that access to information is limited to those who specifically need it. According to Mullet et al. (2021), threats to confidentiality include accessing or stealing sensitive data. Studies such as Sarratiagham (2008) highlight the importance of confidentiality in establishing trust in online systems such as Internet banking, where an unauthorized person can read and take advantage of information stored on the computer. The intruder only observes the patterns of information use. From these patterns, the intruder can infer information. This category also includes the unauthorized use of a proprietary program (Samonas & Coss, 2014). Finally, Omariba et al. (2012) argue that managers should perform regular security audits and assessments to identify, address, and prevent any vulnerabilities in the supply chain from any attack or risk. Based on these definitions, six items have been used to measure confidentiality (Al-Sarhan & Al-Mashaqbeh, 2020).
Cybersecurity/integrity: According to Omariba et al. (2012), “integrity” refers to the dependability of information resources. It guarantees that information is accurate, authentic, and comprehensive Margaret Rouse (2022) and Al-Sarhan and Al-Mashaqbeh (2020) explained that integrity ensures data is modified only by authorized individuals, and techniques like data encryption, hashing, and confidential computing guarantee trustworthiness. Companies should implement digital signatures and regular monitoring procedures to prevent unauthorized modifications. Mullet et al. (2021) defined integrity as the non-destruction, modification, or loss of data without consent. MITM attacks that target integrity are a common type of assault. Integrity guarantees accurate and consistent data and information with the ability to detect unauthorized alterations, verify system actions, and ensure reliable information. Sarratiagham (2008) reports that integrity is crucial for customer security and trust in e-banking systems; unauthorized information modification sabotages information or systems in which an unauthorized individual can change stored information. In such circumstances, hackers do not always notice that the information has been altered (Samonas & Coss, 2014). Based on these definitions, five items have been used to measure integrity (Rouse, 2022; Al-Sarhan & Al-Mashaqbeh, 2020).
Cybersecurity/availability: Every piece of information has a specific value or objective depending on the end goal and must be accessible to authorized individuals when needed. Availability is the ability to send and receive transactions without interruption when required (Al-Sarhan & Al-Mashaqbeh, 2020). This occurs when authorized organizations can access data resources as needed, use them frequently, or restart use under exceptional conditions. Ensuring availability involves preventing denial-of-service attacks, a critical component of information security that affects consumer perceptions of online banking. Availability refers to unlawful denial of use, where an unauthorized individual can prevent an authorized user from accessing or modifying information, even if they cannot do so themselves (Samonas & Coss, 2014). Omariba et al. (2012) defined availability as the accessibility of information resources. An information system that is inaccessible when needed can be as detrimental as no system at all, especially if it is the sole means of handling a particular issue. To ensure availability, the communication routes used to access information must adhere to information security regulations and be operationally sound (Kim, 2017). Therefore, availability refers to the ability to access data and resources at any time, which means that data must be easily accessible to authorized individuals when needed. Based on these studies, six items have been used to measure the “Availability” (Al-Sarhan & Al-Mashaqbeh, 2020).
Cybersecurity studies: As the name implies, cybersecurity is a defense of cyberspace, an Internet-connected system. In technology, constant evolution has played a vital role in transforming traditional corporate tasks into highly creative and efficient operations. With companies increasingly relying on information and communication technology in their everyday operations, a flourishing economy has been hit hard by cybercrime. Cyberattacks on physical systems are growing due to networking and Internet technology advancements. These attacks can impact other SC partner systems for several reasons, such as software errors and vulnerabilities found in any SC partner through the exchange of information. As the number of electronic systems increases, most commercial and vital operations on Earth have been transferred to the virtual world created by humans through the invention of computers, communication networks, information, and electronic memory. This virtual world, called cyberspace, is a fast, versatile, and pervasive domain with open boundaries and assaults. The increasing demand for new procedures and strategies to maintain informatics resources has resulted in a need for cybersecurity.
The significance of cybersecurity is highlighted by the concept of cyber-physical systems and the protection of shared confidential information. As Humayed et al. (2017) defined, cyber-physical systems involve integrating physical components, network systems, embedded computers, software, and sensors for information sharing. The potential for data breaches and cyberattacks is high for technology-driven firms, making information security a critical aspect of national security in many countries. Governments are implementing comprehensive policies to ensure cybersecurity and cybersecurity measures aim to detect and respond to cyberattacks. Cybersecurity risks can also impact the quality of products and services, affecting customer satisfaction and supply chain flexibility. Cybersecurity protects IT hardware, software, and stored data from theft or damage (Huxtable & Schaefer, 2016). Yip (2015) emphasized the importance of cyber supply chain security in enhancing cybersecurity within supply chain networks. This involves the implementation of firewalls to prevent intruders from stealing sensitive data and addressing malware, cyberterrorism, advanced persistent threats, and data theft. As technology advances, new forms of cybercrime emerge, making it challenging to address them under the existing laws and regulations (Al-Alawi et al., 2020). Cybersecurity has become a priority for any organization as an integral part of its strategy, design, and operations. As a result, cybersecurity plays a significant role in enhancing companies’ competitiveness within the context of Industry 4.0. (Pandey et al., 2020).

2.2. Supply Chain Performance

Performance measurement is crucial for organizations to determine the success or failure of their operations, including productivity and profitability. Baltacioglu et al. (2007) found that service supply chain performance is positively determined by three domains of service supply chain innovation capabilities: flexibility, responsiveness, and customer services. Supply chain management (SCM) plays a significant role in managing the flow of information, finances, and assets across supply networks to achieve partner and business goals. Many organizations have focused on improving their supply chain management’s effectiveness and overall performance.
Digitalization has significantly contributed to supply chain management by enhancing firms’ flexibility, confidence, accuracy, and efficiency. Digitalization in the supply chain has improved supply chain performance and overall organizational performance. The manufacturing industry has transformed to automation due to technologies such as IoT and cloud computing, but this has also introduced new risks, including safety. Cyberattacks on supply chains can result in interrupted or corrupted operations, loss of information, and damage to the organization’s reputation. These attacks consist of internal and external risks depending on the source and location of the information that flows through the supply chain, both upstream and downstream (Pandey et al., 2020).
Supply chain performance (SCP) refers to a company’s ability to meet customer needs quickly, efficiently, and at low cost. SCP is the benefits received from the effectiveness and flexibility of supply chain operations in a changing environment, and it is measured by how well a company satisfies its customers’ expectations of product availability while keeping costs low. Another definition of performance is a firm’s operational success, primarily assessed by flexibility, quality, and delivery. The SCP denotes the supply chain network’s capacity to supply and deliver items and services over time.
A company must consider efficient information exchange to achieve supply chain performance (SCP) while minimizing expenses (Rozhkov, 2022). Supply chain performance assesses the efficiency and effectiveness of a company’s supply chain in meeting customer requirements and achieving corporate goals (Almufleh & Alkhatib, 2023; Chang et al., 2019). Factors like flexibility, service quality, and customer satisfaction affect supply chain success. Flexibility refers to the ability to adapt to changes in demand or supply, such as unexpected fluctuations in client orders or supply chain capabilities (Chowdhury et al., 2019). Organizations utilize Industry 4.0 and Industry 5.0 technologies to enhance operational efficiency, supply chain coordination, responsiveness, quality, and customer experience (Wu et al., 2024). Service quality pertains to the level of service provided to clients, including delivery speed, order accuracy, and customer communication. On-time delivery, precise tracking and reporting, and good customer support are examples of service quality in the supply chain. Customer satisfaction reflects how content and pleased customers are with a company’s products and services.
Flexibility is essential in supply chain competition because it allows organizations to meet client needs and adapt to changing market conditions. Good supply chain integration enhances flexibility and enables quick adaptation to market change. Managing and minimizing supply chain risk involves the development of agile and flexible supply networks. Cybersecurity flexibility in a service supply chain involves quickly implementing security measures and modifying the supply chain process to ensure service security. Companies should invest in robust scalable security infrastructure and a competent and trained cybersecurity workforce. IoT technology applications can increase visibility in the supply chain and streamline the information flow in real-time, whereas IT is critical for practical supply chain management intelligence (Ellis et al., 2015). Flexibility is the organization’s ability to modify its supply mix, fulfill unanticipated demand, and adjust delivery and supply timetables based on the scenario (Beamon & Balcik, 2008).
In terms of service quality, Cenamor et al. (2017) emphasized the potential of data and digital technologies to enhance the service quality of the supply chain. A service provider must prioritize cybersecurity throughout the supply chain to ensure service quality. Effective cybersecurity measures involve securing sensitive data and resources, safeguarding systems, and networks, and ensuring authorized access. Additionally, service providers must deliver services consistently and reliably to maintain service quality. Ensuring cybersecurity and service quality requires technical expertise, process management, and effective communication and collaboration across the supply chain.
Customer satisfaction (CS) measures customer perception and compares expected performance to customer expectations. According to Kant and Jaiswal (2017), customer satisfaction is a critical component of marketing success, as a satisfied customer base is crucial for achieving competitiveness. Companies rely on service innovation to improve services, which involves developing the services provided to customers. Therefore, companies should ask customers about their satisfaction with the service through periodic surveys. Customer satisfaction in a service supply chain refers to how satisfied consumers are with a company’s service offerings and supply chain operations. To increase customer satisfaction, companies should focus on five critical areas: service delivery that is efficient and timely, service quality, communication, value for money, and cybersecurity. Customers want service providers to take initiative-taking measures to prevent cyberthreats and respond quickly in the case of an attack. Effective communication about security threats and preventive measures is crucial for customer satisfaction through secure data storage, encryption, and strict data protection policies. Transparency about security breaches and remedial actions helps build trust. Customers expect comprehensive cybersecurity coverage, such as protection against malware, ransomware, and phishing attempts. Gunasekaran et al. (2004) state that customer satisfaction is a top priority in world-class supply chains. Modern supply chains should promptly address customer queries and provide excellent post-transaction customer service. Timely responses and valuable feedback from after-transaction activities contribute to supply chain improvement.

2.3. Summary of Previous Studies and Research Gap

Cybersecurity and supply chain performance are both crucial areas that have garnered the attention of both managers and academia. Several studies have integrated both dimensions into one model (Arabyat et al., 2023; Fernando et al., 2023; Rouse, 2022; Al-Alawi et al., 2020; Sobb et al., 2020; Seno et al., 2015), while only a few have focused on each dimension individually (Yan et al., 2020; Ferraiuolo et al., 2022; Ramanujapuram & Akkihal, 2014). The definition of cybersecurity must include confidentiality, integrity, and availability, and use measures such as those outlined in this section. Most studies on cybersecurity have been conducted in the service sector (Katzan, 2012; Yip, 2015; Al-Sarhan & Al-Mashaqbeh, 2020; Alzoubi et al., 2022) and few in the banking and financial sectors (Arabyat et al., 2023). Supply chain performance has become a widely studied topic, especially after recent global crises, and factors affecting it are essential for businesses worldwide. The importance of supply chain performance and its factors is a valid issue for all businesses worldwide (Ali et al., 2021), especially after COVID-19, the Ukrainian war, and the global monetary crisis. Several studies have investigated the factors that impact supply chain performance from different perspectives, such as cybersecurity managing risk (Al-Alawi et al., 2020), assessment of national cybersecurity in preventing crisis (Al-Samour & Al-Khazali, 2020), cybersecurity trends in the Jordanian financial sector (Arabyat et al., 2023), and the effect of cyber supply chain security towards lean and agile supply chain performance (Yip, 2015). According to Sleimi (2020), risk management, identification, assessment, monitoring, and analysis positively impact Jordanian banks’ performance. Although some studies investigate factors that affect this performance from different perspectives (Alnadi & Altahat, 2024; Dubey et al., 2018; De Vass et al., 2018; Shukor et al., 2021; Hanaysha & Alzoubi, 2022), the need to investigate the impact of cybersecurity practices, especially within the banking sector, is still valid.

2.4. Research Model and Hypotheses

The use of information and communication technology is not to spread risks that hinder business, and these gaps need to be presented in the literature. This research focuses on electronic services in Jordanian commercial banks and how cybersecurity practices (confidentiality, integrity, and availability) enhance flexibility and service quality and affect customer satisfaction. Therefore, the following model (Figure 1) has been suggested to clarify and describe the relationship between cybersecurity practices as an independent variable and supply chain performance as a dependent variable.
First, cybersecurity and SCP: Al-Alawi et al. (2020) found that the conclusions significantly impacted our understanding of cybersecurity and its effects on financial institutions. Singh et al.’s (2019) study sought to improve performance by identifying cybersecurity threats and attacks in a globalized supply chain (SC) based on the information flow across the SC upstream and downstream. The study concluded that implementing thorough network inspection, process monitoring, risk assessment, and third-party product evaluation can help reduce cybersecurity risks. Standard cybersecurity measures are necessary to address these challenges. Tawfik et al.’s (2021) study on Jordanian banks found that the cybersecurity program significantly impacted the proper use of cloud accounting, cybersecurity governance requirements, cyber risk assessment and management, and cybersecurity information management. The findings demonstrated that the banks’ security procedures would be ineffective without knowledge and training. As a result, the primary hypothesis is:
H1. 
Cybersecurity practices significantly impact the SCP of the Jordanian banking sector.
Based on this hypothesis, the following sub-hypotheses can be developed based on cybersecurity practices:
Second, cybersecurity practices and SCP: Confidentiality ensures that only trusted individuals can view or access information and maintain the confidentiality of the data. Confidentiality involves restrictions on the storage and use of several types of data. Confidentiality is a strong predictor of perceived information security, and a relationship exists between confidentiality and information security. A study by Seno et al. (2015) found that increasing the security level of online banking systems requires a focus on confidentiality. Daud et al. (2011) conducted a study on how customers perceive information security and confidentiality, confirming that confidentiality and privacy have a favorable and significant impact on information security. Consequently, it is possible to suggest the following sub-hypothesis:
H1.1. 
Confidentiality significantly impacts the SCP of the Jordanian banking sector.
Third, cybersecurity integrity: Integrity refers to the accuracy and correctness of data and the prevention of unauthorized modification, destruction, or loss. According to Mullet et al. (2021), secure transfer, sharing, storage, and data processing maintain integrity well. Sarratiagham (2008) found that integrity is crucial to online banking systems. Seno et al. (2015) conducted a study to analyze the effects of integrity on the security level of Isfahan Tejarat Bank’s online banking. The study used structural equation modeling (SEM) and a paired sample T-test to show that conclusions with integrity have a positive and significant impact on information security. Alhassan and Adjei-Quaye (2017) also found that integrity positively affects information security in their research on the connection between integrity and customer perceptions of information security. Database referential integrity differs from data integrity, which prohibits modification without approved access.
H1.2. 
Integrity significantly impacts the SCP of the Jordanian banking sector.
Fourth, cybersecurity availability: It allows an authorized user access to associated assets and information when needed. According to Wu et al. (2019), availability is apparent when data resources can be accessed as needed by authorized entities, utilized often, or restarted in unexpected situations. Daud et al. (2011) examined how customers perceive information security and availability. The availability of information is a significant aspect that influences the perceived security of information that is transacted online via the Web, leading to the following proposal:
H1.3. 
Availability significantly impacts the SCP of the Jordanian banking sector.

3. Methodology

3.1. Research Design

This study uses quantitative and descriptive approaches to gather needed information and understand the impact of cybersecurity practices on the supply chain performance in Jordanian banking sectors. The quantitative approach tests this study’s hypotheses and answers this study’s questions by reviewing previous studies and applying an analytical method to the data collected through a questionnaire distributed to the bank managers and customers. This study uses a cross-sectional method, a snapshot type of data, to investigate the impact of cybersecurity practices on the supply chain performance for electronic services in Jordanian banking sectors.

3.2. Study Population and Sample

This study’s population is the total group of elements from which this study seeks to generalize the results and is related to this study’s problem. Determining this study’s population is essential to clarify this study’s variables and objectives. This study’s population includes all operating banks in Jordan and their managers and customers. According to the CBJ and the Association of Banks in Jordan, there are 23 operating banks with more than 21,000 employees, of whom 35.2% are female. There are more than 2000 managers and 3 million active accounts. A sample of more than 400 respondents was needed, and two samples were selected to obtain accurate results free from bias. The sample of managers was distinguished by adding a particular part for managers to answer to measure their attitudes towards cybersecurity policy, which only managers were aware of. A list of all the banks’ branches was optioned, and a random branch was selected. Then, a sample of 40 managers and 400 customers from each branch was conveniently selected. Questionnaires were distributed by hand to each branch and collected on the same day. Out of the distributed questionnaires, 40 responses from managers and 250 from customers were collected; overall, 290 were collected.

3.3. Respondents’ Profiles

Table 2 summarizes the demographic items for customers, while Table 3 summarizes the demographic items for managers.
According to Table 2, the age distribution of surveyed customers reveals that the majority (62.7%) fall within the age range of 25 to 35 years old, while 19.5% are between 36 to 45 years old, 9.1% are under 25 years old, and 8.6% are over 45 years old. The researchers believe that these results reflect the representative nature of the sample, as the largest age group uses electronic banking services. Thus, the data obtained will provide an accurate portrayal of reality.
Table 3 presents the outcomes for the manager sample. The job positions represented diversity, with surveyed positions including 50.0% branch manager, 17.5% head of department, 15.0% assistant director, 7.5% assistant head of department, 5.0% office administrator, 2.5% director of operations, and 2.5% cashier. The researchers believe that the diversity in administrative positions, including managers, assistants, and deputies, is a positive sign. Applying this study’s variables reflects the managers’ lack of bias in setting an ideal image for the bank. The managers surveyed were middle-aged, with 25.0% aged between 25 and 36 years old and 75.0% aged between 36 and 45 years old. Most of the respondents were between 35 and 45 years old, which was expected, as it takes years of experience to reach such positions.
Furthermore, 95.0% of the managers were males, and 5.0% were females. From the researchers’ perspective, this result could be better, and future studies should focus on the reasons for the limited occupation of women in leadership and management positions within banks in northern Jordan. The results showed that 70.0% of the managers held bachelor’s degrees, and 30.0% held postgraduate degrees. Finally, 67.5% had 11–15 years of experience, 27.5% had 5–10 years of experience, and 5.0% had more than 15 years of experience.

3.4. Measurement Scale Items

The current study focused on three critical dimensions of cybersecurity practices: confidentiality, integrity, and availability. These dimensions were chosen based on previous research in the field. Confidentiality, integrity, and availability collectively form the CIA triad, which was used as the independent variable in this study. Confidentiality ensures that only authorized individuals can access data in ICT systems, which can be achieved through user IDs, passwords, policy-based security, and access control lists (ACLs). Integrity ensures that data remain in their original state while at rest and can be edited only by authorized individuals. Measures such as data encryption, hashing algorithms, and confidential computing can help to ensure the trustworthiness of data or information systems. Organizations should implement digital signatures, regular monitoring, and audits to prevent tampering or modification. Availability refers to the accessibility of data and information systems when required. Redundancy, cloud computing, software upgrades, predictive analytics, and hardware maintenance can help ensure availability by ensuring that systems, information, and services are always available. Deviations were calculated according to the three-rank scale to interpret mean levels for the overall sample; this allows for determining the extent to which each dimension is presented in our target context. A high level is assigned for mean values within (3.67–5.00), a moderate level is within (2.34–3.669), and a low level is assigned for mean values within (1–2.339).

3.5. Data Preparation and Screening

Data screening: This research aims to examine the perceptions of customers and managers in the Jordanian banking sector. A total of 40 responses were collected from the manager dataset, and it was found that most responses were at the agree and strongly agree levels, with a few at neutral levels. As the sample size was small, statistical tools such as Cook’s distance to exclude outliers were not used. For the customer sample, 250 responses were coded into SPSS, and after coding, a few blank items were found that accounted for a missing ratio of 0.1318%. Missing data in Likert scale items were replaced with the median of nearby points, and then regular patterns in assessments were examined based on standard deviation. Studies found that any low values scoring zero or around zero had a pattern in assessments, and 23 responses scoring zero standard deviation were dropped from the sample. Finally, outliers were checked based on Cook’s distance, and any observation above the threshold of 0.1 was considered an outlier and removed from the regression model. Based on Cook’s distance, four observations were identified as outliers and removed from the sample. After completing the data screening process for the customer sample, 220 valid responses were analyzed. SPSS [v. 27] was used for data coding and screening, model suitability assessment, and descriptive analysis. PLS-SEM was employed to test the measurement and structural models for the total sample, evaluating the strength of influences between model variables. The analysis included two stages: testing the measurement model for reliability and validity and testing the structural model for the strength of influence between variables. Model suitability was assessed through normality and multicollinearity checks.
Normality and multicollinearity issues: Avoiding extreme kurtosis and skewness issues resulting in estimation bias is crucial to ensure data normality. An examination of data symmetry can be conducted using kurtosis and skewness, and, according to Byrne (2016), a skewness coefficient of ±3 and a kurtosis coefficient of ±7 are suitable criteria. The dataset was free of normality issues, as both skewness and kurtosis coefficients fell within these criteria.

3.6. Instrument Validity and Reliability

Examining the Quality of Measurement Models (Instruments)

The evaluation of the measurement model involved using Smart PLS to assess its quality based on reliability, convergent validity, and discriminant validity criteria. The study followed guidelines by Hair et al. (2021). The specified measurement model was established, and the PLS algorithm focused on factors was applied. The assessments (Table 4) included examining the outer factor loading of the model items, with a minimum threshold of 0.5 and a preferred value of >0.7. All items in the measurement model had FL > 0.5, and the majority had FL > 0.7, with significant t-values at the 0.05 significance level. Convergent validity was achieved with AVE coefficients > 0.5 and composite reliability coefficients > 0.7. All constructs met the requirements for convergent validity, and statistical reliability of constructs was achieved with Cronbach alpha coefficients > 0.7.
Discriminant validity was established through the Fornell and Larcker (1981) approach displayed in Table 5 and Table 6. In Table 5, the square root of AVE coefficients was larger than any construct correlation with other constructs in the model. Additionally, the heterotrait/monotrait ratio [HTMT] in Table 6 showed that all coefficients were less than 1 and most were less than 0.85, indicating that all constructs met the discriminant validity requirements proposed by Henseler et al. (2015).
The first-order measurement model met the reliability, convergent validity, and discriminant validity requirements. The second-order model was validated based on the FL of constructs relative to its total latent variable; all FL of constructs were significant, positive, and >[0.7], supporting the decomposition of model variables. For cybersecurity practices constructs, FL of constructs were as follows: confidentiality [Y = 0.881, t = 46.164], availability [Y = 0.898, t = 46.064], and service quality [Y = 0.955, t = 53.486].
The researchers in this study acknowledge several limitations in the employed methodology. For instance, this study collected data from 40 managers and 250 customers; nevertheless, the sample size may not include a comprehensive perspective across the banking sector. This issue was addressed through random selection and strata sampling. This research studied only Jordanian banks, limiting the applicability of results to other regions; however, the results can still be generalized and have broader implications in a context similar to Jordan’s country as the banking sector’s globalized nature.

4. Analysis

4.1. Respondents’ Profiles

Various information related to cybersecurity in the Jordanian banking sector was collected in the personal information section from the two samples; Table 7 represents the responses by customers to cybersecurity-related information in the Jordanian banking sector.
Most surveyed customers, 94.5%, had used electronic services such as Internet banking, digital wallets, and bank apps, indicating the suitability of the sample for this study. Only 2.7% did not use electronic services, and 2.3% were unsure. In total, 85.5% of the customers did not experience any cybersecurity threat, risk, or issue, while 5.9% did, and 8.6% were unsure. In total, 46.4% of respondents reported moderate priority for cybersecurity practices at banks, while 40.5% reported high priority, 7.3% reported very high priority, and 5.5% reported low priority. In total, 86.8% of customers had not discussed cybersecurity with banks before, while 10.9% had discussed it, and 2.3% were unsure. In total, 68.2% of customers answered no to experiencing a security incident due to a malicious or negligent employee, while 3.6% answered yes, and 28.2% were unsure. Customers assessed the level of employee awareness of banks’ security risks as very knowledgeable (24.1%), somewhat knowledgeable (55.5%), and not knowledgeable or unsure (20.5%).
Managers’ responses: Table 8 represents the responses by customers to cybersecurity-related information in the Jordanian banking sectors:
From managers’ points of view, levels of priority of cybersecurity practices at their bank were highly reported by all samples (100%). Further, for discussing cybersecurity issues with executive leadership, 25% reported monthly, and 75% reported each period. For experiencing a security incident, attack, or data breach due to a malicious or negligent employee, 95% answered no, and 5% were not sure/did not know. Finally, levels of awareness of employees about banks’ security risks were assessed as very knowledgeable at 60% and knowledgeable at 40%.

Levels of Cybersecurity Practices and SCP in the Jordanian Banking Sectors

Table 9 presents a summarized ratio and statistical analysis of mean and STD for levels of cybersecurity practices as perceived by the two samples.
The cybersecurity practices in banks received high scores, with an overall mean value of 4.47. All practices were evaluated highly; the mean scores ranged between 4.60 and 4.35. The standard deviation values were between 0.48 and 0.53, indicating that responses were clustered around their mean values, suggesting homogeneity in the assessment levels. For the cybersecurity policy, the overall mean value was 4.74, indicating high-level implementation in banks. All items in this construct were evaluated highly, with mean scores between 4.90 and 4.68. The highest score was given to the item “The bank defines the objectives, responsibilities, and work procedures related to the cybersecurity policy”, and the lowest score was for the item “The bank is committed to cybersecurity rules and regulations defined by the Central Bank”. Homogeneity in assessments was evident based on the standard deviation. For the confidentiality dimension, the overall mean value was 4.60, indicating high-level assessments for all items. The item “My bank checks the customer’s identity before any traditional or electronic action” received the highest mean score of 4.70. In contrast, the item “My bank educates customers on verifying the company’s identity on the Internet and mobile applications while using them” received the lowest mean score of 4.43. The standard deviation values were below 1, indicating homogeneity in the assessments.
For the integrity dimension, the entire sample gave a high assessment for the integrity construct, with an overall mean value of 4.46. The following construct had the highest ranking item: “I am sure that transactions with my bank are safe”, and the least ranking item was “My bank employees are trained and qualified in data processing safety procedures”. The level of assessments demonstrated homogeneity based on the standard deviation.
Table 10 summarizes the constructs’ mean and standard deviation values for the supply chain performance.
The flexibility construct received a high mean value of 4.36, with all items receiving strong agreement. The top three items were “The electronic bank systems provide several services and options”, “The service delivered through the bank’s website/app is adaptable to customer/employee needs”, and “The bank can quickly modify our product/service in response to customer requests”. The overall level of agreement was high, with mean values ranging from 4.44 to 4.35. The item “Compared with other banks, this bank provides excellent services” received the highest agreement level. In contrast, “The services provided by this bank web/app are monitored and updated frequently” received the lowest. The total sample had a high assessment of the customer satisfaction construct, with a mean value of 4.37, and high agreement levels for all items. The item “I made the correct decision to use the E-Banking services” had the highest recorded mean value of 4.48.

4.2. Measurement Model

This study’s main findings were delivered through hypotheses testing results. The structural model was tested using path analysis, and the evolution of the model was based on the variance coefficient R2. The hypothesis decision was provided based on the path coefficient and t-statistic value. The central hypothesis H1 showed a high influence of cybersecurity practices on the dependent variable SCP, with a high amount of explained variance at 60.4% (Figure 2). The path estimate for cybersecurity practices and SCP was 0.777, and the influence was significant with a t-statistic of 27.919 and p = 0.000, supporting H1. The structural model estimates for sub-hypotheses showed a high variance of 61.1 (Figure 3).
Path estimates for confidentiality and SCP recorded 0.225, showing a positive influence, as confidentiality increased by 1%, SCP increased by 22.5%; the influence was significant, having a t-statistic of 3.489 and p = 0.000, thereby supporting H1.1. Path estimates for integrity and SCP recorded 0.275, showing a positive influence, as integrity increased by 1% and SCP increased by 27.5%; the influence was significant, having a t-statistic of 3.617 and p = 0.000, thereby supporting H1.2. Path estimates for availability and SCP recorded 0.370, showing a positive influence, as availability increased by 1% and SCP increased by 37%; the influence was significant, having a t-statistic of 5.426 and p = 0.000, thereby supporting H1.3. Table 11 summarizes the hypotheses and estimates the total sample results.

4.3. Structural Measurement

In this section, we analyzed the differences in cybersecurity practices and SCP levels according to personal information such as age, gender, academic qualification, and sample size. We assessed these differences by using independent samples, t-tests, and ANOVA test results. The following are the results of these tests:
Age: The ANOVA statistic for cybersecurity practices was [F = 4.291], and for SCP, it was [F = 4.262], with significance values below the 0.05 cutoff, indicating significant differences according to age. The LSD–Fisher post-test comparisons revealed that the differences were from the age group 36–45 years. Therefore, respondents aged 36–45 reported higher cybersecurity practices and SCP levels. This could be because this age group has more experience with banks or the labor market and can evaluate the sample without bias or admiration for information technology capabilities. Additionally, they are more confident in information technology, such as those aged less than 30 or greater than 45.
Gender: The t-test statistic for cybersecurity practices was [T = 3.067], with a significance value below 0.05, indicating significant differences in cybersecurity practices according to gender. Male respondents scored a mean value of 4.54, which was higher than the mean value of females, indicating that male respondents provided higher levels of agreement toward cybersecurity than females. The t-test statistic for SCP levels according to gender showed no significant differences [T = 1.739, p > 0.05]. However, there were differences in evaluating cybersecurity practices, with a higher arithmetic mean in the male category. To better understand the female perspective, it is essential to investigate the reasons for the differences. The t-test statistic for cybersecurity practices and SCP levels according to sample type showed significant differences [T = 5.684, p < 0.05 and T = 5.339, p < 0.05], with higher mean values for the manager sample. Therefore, managers reported higher levels of cybersecurity practices and SCP. Finally, ANOVA statistics for cybersecurity practices [F = 0.624, p > 0.05] and SCP [F = 0.426, p > 0.05] showed no significant differences according to academic qualifications.

5. Discussion

This study examines the influence of cybersecurity practices on the performance of supply chains in the northern region of Jordan’s banking sector. The analytical/descriptive method was used, along with a tailor-made questionnaire, to collect data related to the study variables. The data were analyzed statistically, leading to several results that helped answer the research questions. The following points summarize the main findings of this research:
  • Q1: what is the level of awareness of managers and customers regarding the significance of SCS in the service sector of Jordanian banks?
The customers’ responses were positive regarding the level of cybersecurity practices. This is because most of the sample consisted of users of electronic services provided by banks, indicating their suitability for the study. Additionally, many respondents reported having no security incidents in the banks they dealt with. However, negative results emerged as customers felt that banks needed to encourage dialogue with them to clarify cybersecurity-related matters. This result indicates that most of the customer sample stated that employees had only some knowledge about cybersecurity, which highlighted the need for more courses and conferences on these subjects and for establishing communication channels between clients and employees to enhance awareness on both sides regarding cybersecurity. Similarly, previous studies in the literature confirm that a lack of clear communication about cybersecurity procedures leads to some issues in compliance and security risks (Bada et al., 2019), in that a lack of awareness and understanding of cybersecurity policies from customers makes them more vulnerable to risks. The managers’ responses indicated strong indicators of the application of cybersecurity practices within banks in the northern region of Jordan. Most answers showed that these banks give a 100% priority level and high support for regularly discussing cybersecurity. Similarly, Haupert et al. (2017) emphasizes how critical it is to give security issues first priority, particularly for financial institutions. However, 95% of managers reported never experiencing a security incident due to an employee, suggesting high employee awareness. These positive indicators reflect top management awareness of these banks. This is consistent with a study that found positive improvements in staff awareness led to a decrease in security incidents (Hammour et al., 2019). Despite that, it is important to study employees’ readiness across different attack routes. Overall, the results show a difference between customer and managerial perspectives on a cybersecurity awareness level, which implies a need for enhanced communication to fill this gap and ensure unified understanding of cybersecurity measures across all perspectives.
  • Q2: what are the primary cybersecurity practices applied to the service sector in Jordanian banks?
To answer this question, the researchers conducted a descriptive analysis of sample responses to investigate the level of implementation of cybersecurity practices and policies. This study found that both samples had a high level of implementation, reflecting the efforts made by banks to integrate cybersecurity practices into their work system. In a similar manner, previous studies underscore the increasing attention on cybersecurity within financial organizations. For example, a study by Puhakainen and Siponen (2010) shows a high level of cybersecurity implementation occurred in banks steered to protect sensitive financial data and increase trust in banking operations.
This study also found that the level of approval for implementing cybersecurity practices was high among managers in Jordanian banks in the north of the region. This is in line with research by Alotaibi et al. (2016), who found that managers at Middle Eastern financial institutions had positive attitudes towards cybersecurity measures. The high degree of support from managers indicates a clear understanding of how critical cybersecurity is to preserving both consumer confidence and operational resilience. Additionally, the study measured managers’ attitudes towards applying the cybersecurity policy, with all results being highly positive and indicating tangible efforts to adopt and implement the policy within Islamic and commercial banks in the north of the region.
This study found that the level of confidentiality and integrity in cybersecurity practices at Jordanian banks is high. This result aligns with previous research by Mullet et al. (2021), Alhassan and Adjei-Quaye (2017), and Seno et al. (2015). The banks are taking necessary measures to ensure the safety of customer information and provide electronic services with protection against cyber hacking. As found by Abu AlKhair (2023), internal auditing effectively ensures cybersecurity risks. The results also indicate a high level of integrity in the data stored in the banks, as supported by Wu et al. (2019), Alhassan and Adjei-Quaye (2017), and Seno et al. (2015).
This study found that the banks in Jordan have high integrity, which is crucial for maintaining confidence between banks and their customers. As a result, customers are more likely to open an account with these banks due to their integrity. This finding aligns with other studies such as Seno et al. (2015), Alhassan and Adjei-Quaye (2017), and Wu et al. (2019). Cybersecurity is an essential factor in supply chain management, but most studies do not provide further explanation. This study also found that studies need to go into detail about the importance of cybersecurity in supply chain management. The results suggest that Jordanian banks should improve their digital services with backup protection to enhance their platform’s stability. Moreover, practitioners can go beyond platform stability, they can conduct continuous investment in advanced technology, arrange training programs regularly for employees to keep them updated with evolving threats, and ensure strong protection of customers’ data. This study also found that the respondents in the total sample had a result of STD less than 1, indicating that banks are interested in aspects that would raise their performance, such as flexibility, quality of service, and customer satisfaction. Upon conducting a thorough statistical analysis, it was discovered that the Jordanian commercial and Islamic banks in the northern region received a high level of flexibility from our sample. This result is in line with earlier studies that highlighted how important these factors are to improving overall bank performance. For example, Oke et al. (2007) contend that flexibility and quality of service are essential to reaching high customer satisfaction, which in turn leads to performance increases.
Senior management is actively focusing on the flexibility aspect, as it is a significant indicator of performance. Our findings align with this, as banks with a higher level of flexibility can more effectively adapt to the changing requirements of their customers. Similarly, a study by Goldsby and Stank (2000) also demonstrates how banks with greater flexibility have greater capacity to satisfy changing client demands and market demands. Our results support this idea by showing that flexibility is a crucial operational priority for Jordanian banks and is a worldwide best practice. This flexibility is crucial in an ever-evolving market and allows banks to stay ahead. Furthermore, research conducted by Del Giorgio Solfa (2022) found that improvements in supply chain management, such as implementing digital services with enhanced security, can significantly enhance a company’s risk management and address cybersecurity concerns.
  • Level of Service Quality
Statistical analysis found that both the quality of service and customer satisfaction with electronic services provided by Jordanian commercial and Islamic banks in the north of the kingdom received high evaluations from samples. Therefore, senior management has made tangible efforts to meet customer needs and preferences. These findings align with previous studies by Dam and Dam (2021) and Ali et al. (2021), who suggest that service quality and customer satisfaction positively impact customer loyalty and performance evaluation. Banks should focus on fulfilling customer requirements and providing high-quality services to maintain a competitive edge.
  • Q3: what is the expected impact of cybersecurity practices on the SCP of the service sector in Jordanian banks?
According to the results in Table 11, all hypotheses were supported by the total sample, which indicates the importance of cybersecurity practices in enhancing supply chain performance. This aligns with previous research by Sawangwong and Chaopaisarn (2023), who found that technological changes improve supply chain efficiency, particularly in delivery and employee performance. The study’s findings on Jordanian commercial and Islamic banks in the northern region revealed that these practices effectively improve performance levels, reflecting the success of applying cybersecurity practices. According to the analysis, supply chain flexibility is improved by cybersecurity practices that decrease risks and ensure continuous services. To illustrate this effect, measures including data integrity scores and incident reaction time were analyzed. To maintain these positive outcomes, it is essential to continue efforts with the same approach. The second dimension was gender, measured by a t-test in male and female groups, showing differences in male respondents’ agreement toward cybersecurity compared with females and no significant differences in SCP. This result is consistent with research by Venkatesh et al. (2000), who indicate that men are more likely than women to feel confident in and agree with technology-related activities, such as cybersecurity. Differences in familiarity and comfort with technical tools and activities may be the cause of this gender gap in attitudes on cybersecurity. There were no significant differences in academic qualifications in cybersecurity practices or SCP at different educational levels. The t-test result for managers and customers showed significant differences in cybersecurity practices and SCP, attributed to experience in the bank. This is in line with research by Herath and Rao (2009), who show that exposure to cybersecurity concerns and managerial experience improve both understanding and implementation of cybersecurity procedures. Managers are more likely to understand the significance of strong cybersecurity measures and their influence on SCP due to their strategic oversight and experience.

5.1. Theoretical Implications

This study contributes to the literature by highlighting the positive impact of the confidentiality, integrity, and availability (CIA) dimensions on supply chain performance in the banking sector. It demonstrates that these dimensions, when integrated to represent the CIA triad, can influence cybersecurity practices. Moreover, this study adds to the literature on supply chain performance by highlighting the vital role of cybersecurity practices, which are considered essential for supply chains. In addition, this study focuses specifically on the Jordanian banking sector, providing valuable insights into cybersecurity practices and supply chain performance within this circumstance. This emphasis on a specific country and sector can guide future research studying similar dynamics in other countries and sectors, which can expand the applicability and generalization of theoretical models in different contexts. Furthermore, using partial least squares structural equation modeling (PLS-SEM) as a methodological approach to analyze the data can be useful for other researchers who are concerned with researching complex relationships between cybersecurity practices and supply chain performance. This adopted methodological approach can help in determining the applicability and effectiveness of cybersecurity measures in enhancing supply chain performance across various sectors. Moreover, collecting and analyzing data from dual perspectives, from both managers and customers, offers a comprehensive understanding that highlights the need for effective communication and customer engagement about cybersecurity measures.

5.2. Practical Implications

This study can provide practitioners and decision makers with various implications since it investigates the impact of cybersecurity practices on supply chain performance in the Jordanian bank sector. Banks should allocate more resources to invest in cybersecurity measures; thus, this can improve cybersecurity measures, including confidentiality, integrity, and availability.
Conducting regular training programs for employees to raise their awareness about the best cybersecurity practices helps reduce human mistakes that can lead to security incidents. For instance, investment and training help protect against cyberattacks, which improves supply chain performance. In addition, customers’ satisfaction and loyalty can be enhanced through strong cybersecurity practices, which can increase customer trust in digital banking services, and effective communication with customers by letting them know the cybersecurity measures used can boost confidence and loyalty to the bank, since this study’s findings indicate that customers can be more satisfied if they know the cybersecurity protocols in place.
Moreover, implementing cybersecurity measures can improve trust among supply chain stakeholders that can enhance the supply chain efficiency, and prevent disruptions through effective collaborations. By boosting the level of collaboration and trust among stakeholders, banks can efficiently reach the desired stability in their supply chains. Therefore, leaders are urged to allocate resources to investment in modern technology; we encourage them to integrate and incorporate AI power solutions and tools for effective real-time monitoring and predictive analytics. For example, supply chain resilience is a multi-dimensional, multi-perspective, and complex system need a special approach to handle (Alkhatib, 2024). To reach elevated levels of supply chain resilience, legislators can think about enacting laws requiring recurring cybersecurity audit. These actions enhance consumer trust by reinforcing the institutions’ defenses against cyberattacks and creating a stable operating environment.
Policy makers in the central bank of Jordan should be involved in boosting a secure financial environment. By implementing robust cybersecurity regulations, all banks hold high standards of security, which protects the entire financial system. This study’s findings on the high priority given to cybersecurity by managers highlight the need for regulatory support and monitoring. Moreover, managers in the banks should cooperate with expert organizations that can update banks with the latest knowledge and tools of cybersecurity. This collaboration can be useful in establishing vigorous cybersecurity strategies and staying ahead of possible threats. Banks’ overall security postures can be improved by incorporating cutting-edge technologies like artificial intelligence (AI) and machine learning (ML) into cybersecurity frameworks. These technologies can aid in early threat detection, real-time monitoring, and automated response to potential cyberattacks.

6. Conclusions

This study underscores the crucial role of cybersecurity practices in enhancing supply chain performance in the Jordanian bank sector. By employing an analytical/descriptive method and a customized questionnaire, we collected and analyzed data to address key questions related to cybersecurity awareness, implementation, service quality, and supply chain performance. The results of this study not only provide valuable insights but also pave the way for further exploration and advancement in this vital field. They also serve to heighten our understanding of the pivotal role of cybersecurity in the banking sector. Future research should focus more carefully on the cybersecurity practices that have the most effects on supply chain efficiency. Investigating the long-term impacts of regular cybersecurity training initiatives and investments on overall organizational resilience and consumer trust would also be beneficial. Studies comparing countries or industries may also point out best practices and potential improvement areas. In addition, future studies can increase the number of samples from northern Jordan and other regions, explicitly targeting managers to generalize the findings to all bank branches. Additionally, studying the impact of cybersecurity practices on supply chain performance, with customer satisfaction as a mediating variable, and examining the effects of cybersecurity practices on employee performance within Jordanian banks would be valuable areas for future research.

Author Contributions

Conceptualization, S.F.A.-K. and Y.Y.I.; methodology, S.F.A.-K. and Y.Y.I.; validation, S.F.A.-K., Y.Y.I. and M.A.; formal analysis, Y.Y.I.; investigation, S.F.A.-K. and Y.Y.I.; resources, Y.Y.I.; data curation, Y.Y.I.; writing—original draft preparation, S.F.A.-K. and Y.Y.I.; writing—review and editing, S.F.A.-K. and M.A.; visualization, S.F.A.-K.; supervision, S.F.A.-K.; project administration, S.F.A.-K. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

This study has been reviewed and approved by the IRB-DSR committee, Yarmouk University, Irbid-Jordan decision, # DSR/2023/7. IRB-DSR, Faculty of Scientific Research, Yarmouk University, Irbid-Jordan.

Informed Consent Statement

Informed consent was obtained from all subjects involved in the study.

Data Availability Statement

Data may be available for further cooperation and analysis, if you please contact correspondent author saleh.f@yu.edu.jo.

Acknowledgments

The authors would like to express their appreciation for the editorial team, Tomás F. Espino-Rodríguez (Guest editor), and reviewer’s professional comments and very detailed remarks, which are of great help in improving the quality of this paper.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Abu AlKhair, D. M. H. M. I. (2023). The impact of internal audit quality in reducing cyber risks in order to support financial stability in electronic banks (a field study). Scientific Journal of Financial and Administrative Studies and Research, 15(1), 1–71. [Google Scholar]
  2. Al-Alawi, A. I., Mehrotra, A. A., & Al-Bassam, S. A. (2020). Cybersecurity: Cybercrime prevention in higher learning institutions. In Implementing computational intelligence techniques for security systems design (pp. 255–274). IGI Global. [Google Scholar]
  3. Alhassan, M. M., & Adjei-Quaye, A. (2017). Information security in an organization. International Journal of Computer (IJC), 24(1), 100–116. Available online: https://ijcjournal.org/index.php/InternationalJournalOfComputer/article/view/820 (accessed on 1 September 2024).
  4. Ali, N., Ahmed, A., Anum, L., Ghazal, T. M., Abbas, S., Khan, M. A., Alzoubi, H. M., & Ahmad, M. (2021). Modeling supply chain information collaboration empowered with machine learning techniques. Intelligent Automation and Soft Computing, 30(1), 243–257. [Google Scholar] [CrossRef]
  5. Alkhatib, S. F. S. (2024). An advanced fuzzy approach for assessing supply chain resilience in developing economies. International Journal of Operational Research, 50(4), 401–425. [Google Scholar] [CrossRef]
  6. Almufleh, N. M., & Alkhatib, S. F. (2023). The impact of supply chain management practices on the operational performance of 5-star hotels operating in Jordan. Jordan Journal of Business Administration, 19(1). [Google Scholar] [CrossRef]
  7. Alnadi, M., & Altahat, S. (2024). Artificial intelligence applications for enhancing organizational excellence: Modifying role of supply chain agility. Problems and Perspectives in Management, 22(2), 339–351. [Google Scholar] [CrossRef]
  8. Alotaibi, F., Furnell, S., Stengel, I., & Papadaki, M. (2016). A review of using gaming technology for cyber-security awareness. International Journal for Information Security Research (IJISR), 6(2), 660–666. [Google Scholar] [CrossRef]
  9. Al-Samour, A. M. S., & Al-Khazali, A. S. K. (2020). Assessment of national cyber security in preventing crisis and disaster in Jordanian banks [Unpublished master’s thesis, Hashemite University]. Available online: http://search.mandumah.com/Record/1318679 (accessed on 1 September 2024).
  10. Al-Sarhan, H. A. -M. S., & Al-Mashaqbeh, M. N. M. H. (2020). The impact of applying cyber security policy on the quality of accounting information in Jordanian commercial banks [Unpublished master’s thesis, Al al-Bayt University]. [Google Scholar]
  11. Alzoubi, H., Alshurideh, M., Kurdi, B., Akour, I., & Aziz, R. (2022). Does BLE technology contribute towards improving marketing strategies, customers’ satisfaction and loyalty? The role of open innovation. International Journal of Data and Network Science, 6(2), 449–460. [Google Scholar] [CrossRef]
  12. Arabyat, Y. A., Alarabeyyat, A., & Abuaddous, M. (2023, December 18–19). Overview of cybersecurity trends in Jordan’s financial sector. International Conference of Reliable Information and Communication Technology (pp. 285–292), Johor Bahru, MalaysiaAvailable online: https://link.springer.com/chapter/10.1007/978-3-031-59707-7_25 (accessed on 1 September 2024).
  13. Bada, M., Sasse, A. M., & Nurse, J. R. (2019). Cyber security awareness campaigns: Why do they fail to change behaviour? arXiv, arXiv:1901.02672. [Google Scholar] [CrossRef]
  14. Baltacioglu, T., Ada, E., Kaplan, M. D., Yurt, A. O., & Cem Kaplan, Y. (2007). A new framework for service supply chains. The Service Industries Journal, 27(2), 105–124. Available online: https://www.tandfonline.com/doi/abs/10.1080/02642060601122629 (accessed on 1 September 2024). [CrossRef]
  15. Beamon, B. M., & Balcik, B. (2008). Performance measurement in humanitarian relief chains. International Journal of Public Sector Management, 21(1), 4–25. Available online: https://www.emerald.com/insight/content/doi/10.1108/09513550810846087/full/html (accessed on 1 September 2024). [CrossRef]
  16. Byrne, B. M. (2016). Structural equation modeling with AMOS: Basic concepts, applications, and programming. Routledge. Available online: https://www.taylorfrancis.com/books/mono/10.4324/9781315757421/structural-equation-modeling-amos-barbara-byrne (accessed on 1 August 2024).
  17. Cele, N. N., & Kwenda, S. (2024). Do cybersecurity threats and risks have an impact on the adoption of digital banking? A systematic literature review. Journal of Financial Crime. ahead-of-print. [Google Scholar] [CrossRef]
  18. Cenamor, J., Sjödin, D. R., & Parida, V. (2017). Adopting a platform approach in servitization: Leveraging the value of digitalization. International Journal of Production Economics, 192, 54–65. [Google Scholar] [CrossRef]
  19. Chang, H. H., Wong, K. H., & Chiu, W. S. (2019). The effects of business systems leveraging on supply chain performance: Process innovation and uncertainty as moderators. Information & Management, 56(6), 103140. [Google Scholar] [CrossRef]
  20. Chowdhury, M. M. H., Quaddus, M., & Agarwal, R. (2019). Supply chain resilience for performance: Role of relational practices and network complexities. Supply Chain Management: An International Journal, 24(5), 659–676. [Google Scholar] [CrossRef]
  21. Craigen, D., Diakun-Thibault, N., & Purse, R. (2014). Defining cybersecurity. Technology Innovation Management Review, 4(10), 13–21. [Google Scholar] [CrossRef]
  22. Dam, S. M., & Dam, T. C. (2021). Relationships between service quality, brand image, customer satisfaction, and customer loyalty. The Journal of Asian Finance, Economics and Business, 8(3), 585–593. [Google Scholar]
  23. Daud, N. M., Mamud, N. I., & Aziz, S. A. (2011). Customer’s perception towards information security in Internet banking system in Malaysia. Australian Journal of Basic and Applied Sciences, 5(9), 101–112. Available online: https://www.atlantis-press.com/article/125925996.pdf (accessed on 1 August 2024).
  24. Del Giorgio Solfa, F. (2022). Impacts of cyber security and supply chain risk on digital operations. Available online: https://www.aacademica.org/del.giorgio.solfa/495 (accessed on 1 September 2024).
  25. De Vass, T., Shee, H., & Miah, S. J. (2018). The effect of “Internet of Things” on supply chain integration and performance: An organisational capability perspective. Australasian Journal of Information Systems, 22. [Google Scholar] [CrossRef]
  26. Dubey, R., Altay, N., Gunasekaran, A., Blome, C., Papadopoulos, T., & Childe, S. J. (2018). Supply chain agility, adaptability and alignment: Empirical evidence from the Indian auto components industry. International Journal of Operations & Production Management, 38(1), 129–148. [Google Scholar] [CrossRef]
  27. Ellis, S., Morris, H. D., & Santagate, J. (2015). IoT-enabled analytic applications revolutionize supply chain planning and execution. International Data Corporation (IDC) White Paper, 13. Available online: https://www.savi.com/wp-content/uploads/IDC-IoT-enabled-analytics-applications_final.pdf (accessed on 1 September 2024).
  28. Fernando, Y., Tseng, M. L., Wahyuni-Td, I. S., de Sousa Jabbour, A. B. L., Chiappetta Jabbour, C. J., & Foropon, C. (2023). Cyber supply chain risk management and performance in industry 4.0 era: Information system security practices in Malaysia. Journal of Industrial and Production Engineering, 40(2), 102–116. Available online: https://www.tandfonline.com/doi/abs/10.1080/21681015.2022.2116495 (accessed on 1 August 2024). [CrossRef]
  29. Ferraiuolo, A., Behjati, R., Santoro, T., & Laurie, B. (2022, November 7). Policy transparency: Authorization logic meets general transparency to prove software supply chain integrity. 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (pp. 3–13), Los Angeles, CA, USA. [Google Scholar] [CrossRef]
  30. Fornell, C., & Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39–50. Available online: https://www.jstor.org/stable/3151312 (accessed on 1 September 2024). [CrossRef]
  31. Goldsby, T. J., & Stank, T. P. (2000). World class logistics performance and environmentally responsible logistics practices. Journal of Business Logistics, 21(2), 187–208. [Google Scholar]
  32. Gunasekaran, A., Patel, C., & McGaughey, R. E. (2004). A framework for supply chain performance measurement. International Journal of Production Economics, 87(3), 333–347. Available online: https://www.sciencedirect.com/science/article/pii/S0925527303002561 (accessed on 1 August 2024). [CrossRef]
  33. Hair, J. F., Jr., Hult, G. T. M., Ringle, C. M., & Sarstedt, M. (2021). A primer on partial least squares structural equation modeling (PLS-SEM). Sage Publications. Available online: https://uk.sagepub.com/en-gb/eur/a-primer-on-partial-least-squares-structural-equation-modeling-pls-sem/book270548 (accessed on 1 September 2024).
  34. Hammour, R. A., Gharaibeh, Y. A., Qasaimeh, M., & Al-Qassas, R. S. (2019, December 2–5). The status of information security systems in banking sector from social engineering perspective. Second International Conference on Data Science, E-Learning and Information Systems (pp. 1–7), Dubai, United Arab EmiratesAvailable online: https://dl.acm.org/doi/abs/10.1145/3368691.3368705 (accessed on 1 August 2024).
  35. Hanaysha, J. R., & Alzoubi, H. M. (2022). The effect of digital supply chain on organizational performance: An empirical study in Malaysia manufacturing industry. Uncertain Supply Chain Management, 10(2), 495–510. [Google Scholar] [CrossRef]
  36. Haupert, V., Maier, D., & Müller, T. (2017, November 16–17). Paying the price for disruption: How a FinTech allowed account takeover. The 1st Reversing and Offensive-oriented Trends Symposium (pp. 1–10), Vienna, AustriaAvailable online: https://cris.fau.de/publications/111220384/ (accessed on 1 September 2024).
  37. Henseler, J., Ringle, C. M., & Sarstedt, M. (2015). A new criterion for assessing discriminant validity in variance-based structural equation modeling. Journal of the Academy of Marketing Science, 43(1), 115–135. [Google Scholar] [CrossRef]
  38. Herath, T., & Rao, H. R. (2009). Protection motivation and deterrence: A framework for security policy compliance in organizations. European Journal of Information Systems, 18(2), 106–125. Available online: https://www.tandfonline.com/doi/full/10.1057/ejis.2009.6 (accessed on 1 August 2024). [CrossRef]
  39. Humayed, A., Lin, J., Li, F., & Luo, B. (2017). Cyber-physical systems security—A survey. IEEE Internet of Things Journal, 4(6), 1802–1831. [Google Scholar] [CrossRef]
  40. Huxtable, J., & Schaefer, D. (2016). On servitization of the manufacturing industry in the UK. Procedia Cirp, 52, 46–51. [Google Scholar] [CrossRef]
  41. ITU. (2023). Global cybersecurity index 2023. International Telecommunications Union. Available online: https://www.itu.int/en/ITU-D/Cybersecurity/Pages/global-cybersecurity-index.aspx (accessed on 1 September 2024).
  42. Kant, R., & Jaiswal, D. (2017). The impact of perceived service quality dimensions on customer satisfaction: An empirical study on public sector banks in India. International Journal of Bank Marketing, 35(3), 411–430. [Google Scholar] [CrossRef]
  43. Katzan, H., Jr. (2012). Cybersecurity service model. Journal of Service Science, 5(2), 71–78. Available online: https://clutejournals.com/index.php/JSS/article/view/7576 (accessed on 1 September 2024).
  44. Khidzir, N. Z., Daud, K. A. M., Ismail, A. R., Ghani, M. S. A. A., & Ibrahim, M. A. H. (2018). Information security requirement: The relationship between cybersecurity risk confidentiality, integrity, and availability in digital social media. In Regional conference on science, technology and social sciences (RCSTSS 2016) (pp. 229–237). Springer. Available online: https://link.springer.com/chapter/10.1007/978-981-13-0074-5_21 (accessed on 1 August 2024).
  45. Kim, M. G. (2017). A cautionary note on the use of Cook’s distance. Communications for Statistical Applications and Methods, 24(3), 317–324. Available online: http://www.csam.or.kr/journal/view.html?doi=10.5351/CSAM.2017.24.3.317 (accessed on 1 September 2024). [CrossRef]
  46. Merriam-Webster. (2024). Cybersecurity. In Merriam-Webster.com dictionary. Available online: https://www.merriam-webster.com/dictionary/cybersecurity (accessed on 14 June 2023).
  47. Mullet, V., Sondi, P., & Ramat, E. (2021). A review of cybersecurity guidelines for manufacturing factories in industry 4.0. IEEE Access, 9, 23235–23263. [Google Scholar] [CrossRef]
  48. Novaes Neto, N., Madnick, S., de Paula, M. G., & Malara Borges, N. (2020). A case study of the capital one data breach. Available online: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3542567 (accessed on 1 December 2024).
  49. Oke, A., Burke, G., & Myers, A. (2007). Innovation types and performance in growing UK SMEs. International Journal of Operations & Production Management, 27(7), 735–753. [Google Scholar] [CrossRef]
  50. Omariba, Z., Masese, N., & Wanyembi, G. (2012). Security and privacy of electronic banking. International Journal of Computer Science Issues, 9(4), 432–446. Available online: https://search.proquest.com/openview/bf34de943ee98122bbca465d21d24366/1?pq-origsite=gscholar&cbl=55228 (accessed on 1 August 2024).
  51. Pandey, S., Singh, R. K., Gunasekaran, A., & Kaushik, A. (2020). Cyber security risks in globalized supply chains: A conceptual framework. Journal of Global Operations and Strategic Sourcing, 13(1), 103–128. Available online: https://www.emerald.com/insight/content/doi/10.1108/JGOSS-05-2019-0042/full/html (accessed on 1 September 2024). [CrossRef]
  52. Puhakainen, P., & Siponen, M. (2010). Improving employees’ compliance through information systems security training: An action research study. MIS Quarterly, 34(4), 757–778. [Google Scholar] [CrossRef]
  53. Ramanujapuram, A., & Akkihal, A. (2014, December 5–6). Improving the performance of rural supply chains using mobile phones: Reducing information asymmetry to improve stock availability in low-resource environments. The Fifth ACM Symposium on Computing for Development (pp. 11–20), San Jose, CA, USAAvailable online: https://dl.acm.org/doi/10.1145/2674377.2674382 (accessed on 1 September 2024).
  54. Rouse, M. (2022). CIA triad of information security. Techopedia blog. Available online: https://www.techopedia.com/definition/25830/cia-triad-of-information-security (accessed on 1 September 2024).
  55. Rozhkov, E. V. (2022). Opportunity to change the future or “institutional trap”. Becтник Yнивepcитeтa, 114–121. Available online: https://vestnik.guu.ru/jour/issue/download/80/80#page=114 (accessed on 1 September 2024). [CrossRef]
  56. Saeed, M. M., & Donkoh, E. (2024). Mobile banking services and financial inclusion among customers of commercial banks: Evidence from an emerging economy. Business Strategy & Development, 7(4), e70035. [Google Scholar] [CrossRef]
  57. Samonas, S., & Coss, D. L. (2014). The CIA strikes back: Redefining confidentiality, integrity and availability in security. Journal of Information Systems Security, 10(3), 21–45. Available online: https://www.jissec.org/Contents/V10/N3/V10N3-Samonas.html (accessed on 1 August 2024).
  58. Sarratiagham, A. (2008). Perceived information security and consumer trust in electronic commerce transactions: A survey of Internet banking adoption in Malaysia. Journal of the Asian Academy of Applied Business, 4(1), 15–27. Available online: https://jurcon.ums.edu.my/ojums/index.php/JAAAB/article/view/1272/818 (accessed on 1 September 2024).
  59. Sawangwong, A., & Chaopaisarn, P. (2023). The impact of applying knowledge in the technological pillars of Industry 4.0 on supply chain performance. Kybernetes, 52(3), 1094–1126. [Google Scholar] [CrossRef]
  60. Seno, S. A. H., Bidmeshk, O. G., & Ghaffari, K. (2015, April 16). Information security diagnosis in electronic banking: A case study of Tejarat Bank’s branches of Isfahan. 2015 9th International Conference on e-Commerce in Developing Countries: With Focus on e-Business (ECDC) (pp. 1–8), Isfahan, Iran. [Google Scholar] [CrossRef]
  61. Shukor, A. A. A., Newaz, M. S., Rahman, M. K., & Taha, A. Z. (2021). Supply chain integration and its impact on supply chain agility and organizational flexibility in manufacturing firms. International Journal of Emerging Markets, 16(8), 1721–1744. [Google Scholar] [CrossRef]
  62. Singh, R. K., Kumar, P., & Chand, M. (2019). Evaluation of supply chain index in context to industry 4.0 environment. Benchmarking: An International Journal, 28(5), 1622–1637. [Google Scholar] [CrossRef]
  63. Sleimi, M. (2020). Effects of risk management practices on banks’ performance: An empirical study of the Jordanian banks. Management Science Letters, 10(2), 489–496. Available online: http://growingscience.com/beta/msl/3437-effects-of-risk-management-practices-on-banks-performance-an-empirical-study-of-the-jordanian-banks.html (accessed on 1 September 2024). [CrossRef]
  64. Sobb, T., Turnbull, B., & Moustafa, N. (2020). Supply chain 4.0: A survey of cyber security challenges, solutions and future directions. Electronics, 9(11), 1864. Available online: https://www.mdpi.com/2079-9292/9/11/1864 (accessed on 1 August 2024). [CrossRef]
  65. Tawfik, O. I., Al Tahat, S., Jasim, A. L., & Abd Almonem, O. (2021). Intellectual impact of cyber governance in the correct application of cloud accounting in Jordanian commercial banks-from the point of view of Jordanian auditors. Journal of Management Information and Decision Sciences, 24(5), 1–14. Available online: https://www.abacademies.org/articles/intellectual-impact-of-cyber-governance-in-the-correct-application-of-cloud-accounting-in-jordanian-commercial-banks--from-the-poi-10903.html (accessed on 1 September 2024).
  66. Venkatesh, V., Morris, M. G., Davis, G. B., & Davis, F. D. (2000). User acceptance of information technology: Toward a unified view. MIS Quarterly, 27(3), 425–478. [Google Scholar] [CrossRef]
  67. Wang, X., Wang, B., Wu, Y., Ning, Z., Guo, S., & Yu, F. R. (2024). A survey on trustworthy edge intelligence: From security and reliability to transparency and sustainability. IEEE Communications Surveys & Tutorials. [Google Scholar] [CrossRef]
  68. Wu, H., Cao, J., Yang, Y., Tung, C. L., Jiang, S., Tang, B., Liu, Y., Wang, X., & Deng, Y. (2019, July 29–August 1). Data management in supply chain using blockchain: Challenges and a case study. 2019 28th International Conference on Computer Communication and Networks (ICCCN) (pp. 1–8), Valencia, Spain. [Google Scholar] [CrossRef]
  69. Wu, H., Liu, J., & Liang, B. (2024). AI-driven supply chain transformation in Industry 5.0: Enhancing resilience and sustainability. Journal of the Knowledge Economy. [Google Scholar] [CrossRef]
  70. Yan, Y., Wei, C., Guo, X., Lu, X., Zheng, X., Liu, Q., Zhou, C., Song, X., Zhao, B., Zhang, H., & Jiang, G. (2020, June 14–19). Confidentiality support over financial grade consortium blockchain. 2020 ACM SIGMOD International Conference on Management of Data (pp. 2227–2240), Portland, OR, USA. [Google Scholar] [CrossRef]
  71. Yip, N. S. M. S. (2015). The effect of cyber supply chain security towards lean and agile supply chain performance in healthcare industry: The mediating effect of organizational capabilities [Doctoral dissertation, Universiti Sains Malaysia]. Available online: http://eprints.usm.my/29998/1/Syazwani.pdf (accessed on 1 September 2024).
Admsci 15 00001 g001
Figure 1. Research model, text inside circles need to be formatted correctly, if you please make them in the center of the shape with the same font size and bold effect.
Figure 1. Research model, text inside circles need to be formatted correctly, if you please make them in the center of the shape with the same font size and bold effect.
Admsci 15 00001 g001
Admsci 15 00001 g002
Figure 2. Structural model estimate for main hypothesis H1.
Figure 2. Structural model estimate for main hypothesis H1.
Admsci 15 00001 g002
Admsci 15 00001 g003
Figure 3. Structural model estimate for sub-hypotheses.
Figure 3. Structural model estimate for sub-hypotheses.
Admsci 15 00001 g003
Table 1. Cybersecurity definitions.
Table 1. Cybersecurity definitions.
# Practical Application in Jordanian ContextKey Dimensions
1.ITU (2023)Improving safeguards for financial banking systems and customer data integrity and security.Availability;
integrity, which may include authenticity and non-repudiation;
confidentiality
2.Alzoubi et al. (2022)Protecting banking systems from risks such as phishing and malware and confirming data access control.Confidentiality, integrity, and availability
3.Yan et al. (2020)Reducing the unsanctioned penetration into national financial systems.Confidentiality
4.Al-Alawi et al. (2020)Protecting against cyber breaking in organizations and ensuring service continuity.Confidentiality, integrity, and availability
5.Merriam-Webster (2024)Safeguarding sensitive systems against unsanctioned online access.Confidentiality, integrity, and availability
6.Craigen et al. (2014)Putting cybersecurity mechanisms in place to make banking infrastructure resilient.Confidentiality, integrity, and availability
Source: developed by authors, adopted from mentioned studies.
Table 2. Respondents’ profiles for customer sample (n = 220).
Table 2. Respondents’ profiles for customer sample (n = 220).
Count%
Age
Less than 25 years old209.1%
From 25 years old to 35 years old13862.73%
From 36 years old to 45 years old4319.54%
Over 45 years old198.63%
Gender
Male10748.6%
Female11351.4%
Academic qualification
High school diploma or less than an intermediate diploma20.9%
Intermediate diploma94.1%
Bachelor13963.2%
Postgraduate7031.8%
Table 3. Respondents’ profiles for manager sample (n = 40).
Table 3. Respondents’ profiles for manager sample (n = 40).
Count%
Job position
Head of the department717.5%
Assistant head of the department37.5%
Branch manager2050.0%
Assistant director615.0%
Director of operations12.5%
Office administrator25.0%
Cashier12.5%
Age
Less than 25 years old----
From 25 years old to 35 years old1025.0%
From 36 years old to 45 years old3075.0%
Over 45 years old----
Gender
Male3895.0%
Female25.0%
Academic qualification
High school diploma or less than an intermediate diploma----
Intermediate diploma----
Bachelor2870.0%
Postgraduate1230.0%
Years of experience
Less than five years----
From 5 to 10 years1127.5%
From 11 to 15 years2767.5%
More than 15 years25.0%
Table 4. Results of reliability and convergent validity of the measurement model—total sample (n = 260).
Table 4. Results of reliability and convergent validity of the measurement model—total sample (n = 260).
ConstructItemFLt-ValueCronbach AlphaCRAVE
ConfidentialityC10.80825.822 ***0.8680.9020.608
C20.84731.043 ***
C30.80320.564 ***
C40.82629.534 ***
C50.5778.439 ***
C60.78624.765 ***
IntegrityI10.78926.002 ***0.8700.9060.658
I20.81115.614 ***
I30.77014.147 ***
I40.82530.261 ***
I50.85738.746 ***
AvailabilityA10.83233.033 ***0.8140.8650.522
A20.82242.669 ***
A30.69118.311 ***
A40.56810.415 ***
A50.62611.792 ***
A60.75417.913 ***
FlexibilityF10.78030.069 ***0.8850.9130.636
F20.70214.835 ***
F30.83336.103 ***
F40.83034.945 ***
F50.79623.314 ***
F60.83736.117 ***
Service qualitySQ10.84916.678 ***0.9410.9530.771
SQ20.87242.629 ***
SQ30.86946.682 ***
SQ40.90347.515 ***
SQ50.90232.915 ***
SQ60.87453.258 ***
Customer satisfactionCS10.88245.297 ***0.9180.9390.756
CS20.91059.661 ***
CS30.89749.618 ***
CS40.90763.967 ***
CS50.74120.062 ***
*** p < 0.001.
Table 5. Results of discriminant validity (Fornell–Larcker) of the measurement model—total sample (n = 260).
Table 5. Results of discriminant validity (Fornell–Larcker) of the measurement model—total sample (n = 260).
ConstructAvailabilityConfidentialityCustomer SatisfactionFlexibilityIntegrityService Quality
Availability0.722
Confidentiality0.6720.780
Customer satisfaction0.6320.5740.870
Flexibility0.7070.6460.7240.798
Integrity0.7520.6720.6200.6560.811
Service quality0.6860.6170.8350.7910.6780.878
Table 6. Results of discriminant validity (heterotrait/monotrait ratio [HTMT]) of the measurement model—total sample (n = 260).
Table 6. Results of discriminant validity (heterotrait/monotrait ratio [HTMT]) of the measurement model—total sample (n = 260).
ConstructAvailabilityConfidentialityCustomer SatisfactionFlexibilityIntegrityService Quality
Availability
Confidentiality0.761
Customer satisfaction0.7120.638
Flexibility0.8170.7280.800
Integrity0.8750.7670.6910.746
Service quality0.7730.6780.8970.8640.746
Table 7. Customer sample (n = 220).
Table 7. Customer sample (n = 220).
Count%
Use electronic services (internet banking, digital wallet, bank app, etc.)
No 6 2.7%
Yes 208 94.5%
Not sure/do not know 5 2.3%
Did not respond 1 0.5%
Cybersecurity threats, risks, and related issues before
No18885.5%
Yes 13 5.9%
Not sure/do not know 19 8.6%
Levels of priority of cybersecurity practices at your bank
Low 12 5.5%
Moderate 102 46.4%
High 89 40.5%
Very high 16 7.3%
Did not respond 1 0.3%
Discuss the topic of cybersecurity with the bank before
No19186.8%
Yes2410.9%
Not sure/do not know 5 2.3%
Have a security incident, attack, or data breach due to a malicious or negligent employee
No15068.2%
Yes 8 3.6%
Not sure/do not know 62 28.2%
Levels of awareness of employees about banks’ security risks
Very knowledgeable 53 24.1%
Somewhat knowledgeable 122 55.4%
Not knowledgeable/not sure/do not know 45 20.5%
Table 8. Cybersecurity-related information in the Jordanian banking sector—manager sample (n = 40).
Table 8. Cybersecurity-related information in the Jordanian banking sector—manager sample (n = 40).
Count%
Level of priority of cybersecurity practices at your bank
High 40 100%
Often discuss the topic of cybersecurity issues with executive leadership
Monthly1025%
Each period 30 75%
Have a security incident, attack, or data breach due to a malicious or negligent employee
No3895%
Not sure/do not know 2 5%
Levels of awareness of employees about banks’ security risks
Very knowledgeable 24 60%
Knowledgeable 16 40%
Table 9. Mean and STD for levels of cybersecurity practices as perceived by the sample.
Table 9. Mean and STD for levels of cybersecurity practices as perceived by the sample.
No.ConstructTotal Sample (n = 260)
MeanStd.RankOrder
1Cybersecurity policy (manager sample only)4.740.47High//
2Confidentiality4.600.53High1
3Integrity4.460.50High2
4Availability4.350.48High3
Total cybersecurity practices (cybersecurity policy excluded)4.47High
Table 10. Mean and STD for levels of SCP as perceived by the sample.
Table 10. Mean and STD for levels of SCP as perceived by the sample.
No.ConstructTotal Sample (n = 260)
MeanStd.RankOrder
1Flexibility4.360.53High3
2Service quality4.410.59High1
3Customer satisfaction4.370.59High2
Total SCP4.38High
Table 11. Hypotheses’ estimated results (n = 260).
Table 11. Hypotheses’ estimated results (n = 260).
HPathBetat-Valuep-ValueResult
H1Cybersecurity practices—SCP0.77727.9190.000 *Supported
H1.1Confidentiality—SCP0.2253.4890.000 *Supported
H1.2Integrity—SCP0.2753.6170.000 *Supported
H1.3Availability—SCP0.3705.4260.000 *Supported
* p < 0.05.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Al-Khatib, S.F.; Ibrahim, Y.Y.; Alnadi, M. Cybersecurity Practices and Supply Chain Performance: The Case of Jordanian Banks. Adm. Sci. 2025, 15, 1. https://doi.org/10.3390/admsci15010001

AMA Style

Al-Khatib SF, Ibrahim YY, Alnadi M. Cybersecurity Practices and Supply Chain Performance: The Case of Jordanian Banks. Administrative Sciences. 2025; 15(1):1. https://doi.org/10.3390/admsci15010001

Chicago/Turabian Style

Al-Khatib, Saleh Fahed, Yara Yousef Ibrahim, and Mohammad Alnadi. 2025. "Cybersecurity Practices and Supply Chain Performance: The Case of Jordanian Banks" Administrative Sciences 15, no. 1: 1. https://doi.org/10.3390/admsci15010001

APA Style

Al-Khatib, S. F., Ibrahim, Y. Y., & Alnadi, M. (2025). Cybersecurity Practices and Supply Chain Performance: The Case of Jordanian Banks. Administrative Sciences, 15(1), 1. https://doi.org/10.3390/admsci15010001

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop