CYBER RISK MANAGEMENT IN CREDIT COOPERATIVE BANKS: A CASE STUDY

Our research explores the Italian banking sector. In particular it focuses on the analysis of the cyber risk management in Bene Banca, a Credit Cooperative Bank (BCC) in the North-West of Italy. This research represents a case study that can help us understand the context and the main characteristics of the methodology implied by Bene Banca in managing cyber risk. Data were collected through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk managers, compliance managers, internal audit function and anti-money laundering responsible. We decided to concentrate on this small bank because of its size and its role on the local territory and because the cyber risk management is outsourced. Furthermore we focus on the topic of cyber crime because IT attacks have increased drastically in recent years, both in terms of complexity and resources, and they cannot be stopped by single organizations, because they need a response at country level. Consequently this paper has been motivated by the gaps in the understanding and in considering cyber risk and cyber risk management as an integral part of the business management.