CyberFusion Protocols: Strategic Integration of Enterprise Risk Management, ISO 27001, and Mobile Forensics for Advanced Digital Security in the Modern Business Ecosystem

Oluwaseun Oladeji Olaniyi *

University of the Cumberlands, 104 Maple Drive, Williamsburg, KY 40769, United States of America.

Olajide Oyebola Omogoroye

Data Science Tech Institute, Sophia Antipolis, France.

Folashade Gloria Olaniyi

University of the People, 595 E Colorado Blvd Suite 623, Pasadena, CA 91101, United States of America.

Adegbenga Ismaila Alao

Kwara State University, Malete, Kwara State, Nigeria.

Tunbosun Oyewale Oladoyinbo

University of Maryland Global Campus, 3501 University Blvd E, Adelphi, MD 20783, USA.

*Author to whom correspondence should be addressed.


Abstract

This research paper explores the integration of Enterprise Risk Management (ERM), the ISO 27001 standard, and mobile forensics methodologies as a comprehensive framework for enhancing digital security measures within modern business ecosystems. Employing a quantitative research design, this paper utilized a survey methodology, gathering data from 372 professionals across various sectors including risk management, IT/security, and forensic analysis. The analysis was conducted using Partial Least Squares Structural Equation Modeling (PLS-SEM) to test the research hypotheses and assess the impact of the integrated approach on organizational digital security capabilities. The findings reveal a significant positive effect of integrating ERM, ISO 27001, and mobile forensics on an organization’s ability to manage digital risks effectively. Specifically, the integrated approach was found to enhance strategic digital security management, improve the identification, assessment, and mitigation of digital risks, strengthen information security management practices, and elevate the effectiveness and efficiency of digital crime investigation processes. These outcomes underscore the value of a cohesive strategy that leverages the strengths of ERM, ISO 27001, and mobile forensics in addressing the complex and interconnected digital threat landscape. Based on the results, the study recommends adopting a holistic security framework, investing in continuous professional development, leveraging technological advancements for proactive security management, and fostering a culture of security and collaboration. Such measures are crucial for organizations aiming to enhance their resilience against cyber threats and protect their digital assets in the face of sophisticated cyber-attacks. This research contributes to the field of cybersecurity by providing empirical evidence on the benefits of an integrated approach to digital security, offering practical guidelines for organizations seeking to improve their digital security measures, and highlighting the need for continuous adaptation and collaboration in the fight against cyber threats.

Keywords: Enterprise Risk Management (ERM), ISO 27001, mobile forensics, digital security, cybersecurity threats, integrated security framework, quantitative research, PLS-SEM


How to Cite

Olaniyi, O. O., Omogoroye , O. O., Olaniyi , F. G., Alao , A. I., & Oladoyinbo , T. O. (2024). CyberFusion Protocols: Strategic Integration of Enterprise Risk Management, ISO 27001, and Mobile Forensics for Advanced Digital Security in the Modern Business Ecosystem. Journal of Engineering Research and Reports, 26(6), 31–49. https://doi.org/10.9734/jerr/2024/v26i61160

Downloads

Download data is not yet available.

References

Sarkar G, Shukla SK. Behavioral analysis of cybercrime: Paving the way for effective policing strategies, Journal of Economic Criminology. 2023;2(1)100034. DOI: https://doi.org/10.1016/j.jeconc.2023. 100034

Siwakoti YR, Bhurtel M, Rawat DB, Oest A, Johnson R. Advances in IOT security: Vulnerabilities, enabled criminal services, attacks and countermeasures. IEEE Internet of Things Journal. 2023;1–1 DOI: https://doi.org/10.1109/JIOT.2023.32 52594

Bernard TS, Hsu T, Perlroth N, Lieber R. Equifax Says Cyberattack May Have Affected 143 Million in the U.S. The New York Times; 2017. Available:https://www.nytimes.com/2017/09/07/business/equifax-cyberattack.html

Miyashiro I. Case study: Equifax Data Breach. Seven Pillars Institute; 2021 Available:https://sevenpillarsinstitute.org/case-study-equifax-data-breach/

FasterCapital. Equifax Data Breach. Faster Capital; 2022 Available:https://fastercapital.com/keyword/equifax-data-breach.html#:~:text=Equifax%20Data%20Breach- (accessed Apr. 08, 2024)

Dupont B, Shearing C, Bernier M, Leukfeldt R. The tensions of cyber-resilience: From sensemaking to practice. Computers and Security. 2023;132: 103372 DOI: https://doi.org/10.1016/j.cose.2023. 103372

Ewuga SK, Egieya ZE, Omotosho A, Adegbite AO. ISO 27001 in banking: An evaluation of its implementation and effectiveness in enhancing information security. Finance and Accounting Research Journal. 2023;5(12):405–425. DOI: https://doi.org/10.51594/farj.v5i12.68 4

Dunsin D, Ghanem MC, Ouazzane K, Vassilev V. A comprehensive analysis of the role of artificial intelligence and machine learning in modern digital forensics and incident response. Forensic Science International: Digital Investigation. 2024;48:301675. DOI: https://doi.org/10.1016/j.fsidi.2023.30 1675

Hodson CJ. Cyber Risk Management: Prioritize Threats, Identify Vulnerabilities and Apply Controls. Kogan Page Publishers; 2024. Available:https://books.google.com/books?hl=en&lr=&id=ZyjyEAAAQBAJ&oi=fnd&pg=PR1&dq=+Identified+vulnerabilities+can+be+translated+into+specific+controls+and+patching+procedures+within+ISO+27001+frameworks

Oladoyinbo TO, Adebiyi OO, Ugonnia JC, Olaniyi OO, Okunleye OJ. Evaluating and establishing baseline security requirements in cloud computing: An enterprise risk management approach. Asian Journal of Economics, Business, and Accounting. 2023;23(21):222–231 DOI: https://doi.org/10.9734/ajeba/2023/v2 3i211129

Porath U. Advancing managerial evolution and resource management in contemporary business landscapes. Modern Economy. 2023;14(10):1404–1420 DOI: https://doi.org/10.4236/me.2023.141 0072

Beasley M. What is Enterprise risk management?; 2016 Available:https://erm.ncsu.edu/az/erm/i/chan/library/What_is_Enterprise_Risk_Management.pdf

COSO. Enterprise Risk Management Integrating with Strategy and performance. Committee of Sponsoring Organizations of the Treadway Commission; 2017 Available:https://www.coso.org/Shared%20Documents/2017-COSO-ERM-Integrating-with-Strategy-and-Performance-Executive-Summary.pdf

Olaniyi OO, Omubo DS. The importance of COSO framework compliance in information technology auditing and enterprise resource management. International Journal of Innovative Research and Development; 2023. DOI: https://doi.org/10.24940/ijird/2023/v1 2/i5/may23001

Olaniyi OO, Asonze CU, Ajayi SA, Olabanji SO, Adigwe CS. A regressional study on the impact of organizational security culture and transformational leadership on social engineering awareness among bank employees: The interplay of security education and behavioral change. Asian Journal of Economics, Business and Accounting. 2023;23(23):128–143 DOI: https://doi.org/10.9734/ajeba/2023/v2 3i231176

Tyagi A. Enterprise Risk Management: Benefits and Challenges. SSRN Electronic Journal; 2020, DOI: https://doi.org/10.2139/ssrn.3748267

Olaniyi OO, Okunleye OJ, Olabanji SO, Asonze CU, Ajayi SA. IoT security in the era of ubiquitous computing: A multidisciplinary approach to addressing vulnerabilities and promoting resilience. Asian Journal of Research in Computer Science. 2023;16(4):354–371. DOI: https://doi.org/10.9734/ajrcos/2023/v 16i4397

Marquis YA, Oladoyinbo TO, Olabanji SO, Olaniyi OO, Ajayi SS. Proliferation of AI tools: A multifaceted evaluation of user perceptions and emerging trend. Asian Journal of Advanced Research and Reports. 2024;18(1):30–35. DOI: https://doi.org/10.9734/ajarr/2024/v18 i1596

Olaniyi OO, Ugonnia JC, Olaniyi FG, Arigbabu AT, Adigwe CS. Digital collaborative tools, strategic communication, and social capital: Unveiling the impact of digital transformation on organizational dynamics. Asian Journal of Research in Computer Science. 2024;17(5):140–156 DOI: https://doi.org/10.9734/ajrcos/2024/v17i5444

Brooks D. Integrating ERM with Strategic Planning. SOA. Soa.org; 2019 Available:https://www.soa.org/library/newsletters/the-actuarymagazine/2007/august/int2007aug

Adebiyi OO, Olabanji SO, Olaniyi OO. Promoting inclusive accounting education through the integration of stem principles for a diverse classroom. Asian Journal of Education and Social Studies. 2023;49(4): 152–171. DOI: https://doi.org/10.9734/ajess/2023/v49i41196

Do H, Railwaywalla M, Thayer J. Integration of ERM with Strategy Case Study Analysis -April 2016 Introduction; 2024. Available:https://erm.ncsu.edu/az/erm/i/chan/library/Integration_of_ERM_and_Strategy_Case_Study.pdf

Abalaka AI, Olaniyi OO, Adebiyi OO. Understanding and overcoming the limitations to strategy execution in hotels within the small and medium enterprises sector. Asian Journal of Economics, Business and Accounting. 2023;23(22):26–36. DOI: https://doi.org/10.9734/ajeba/2023/v2 3i221134

Sidorenko A, Demidenko E. 4 steps to integrate risk management into strategic planning RISK-ACADEMY Blog. riskacademy. Blog; 2017. Available:https://riskacademy.blog/4-steps-to-integrate-risk-management-into-strategic-planning/

Oladoyinbo TO, Olabanji SO, Olaniyi OO, Adebiyi OO, Okunleye OJ, Alao AI. Exploring the challenges of artificial intelligence in data integrity and its influence on social dynamics. Asian Journal of Advanced Research and Reports. 2024;18(2):1–23. DOI: https://doi.org/10.9734/ajarr/2024/v18 i2601

Olaniyi OO, Shah N, Bahuguna N. Quantitative Analysis and Comparative Review of Dividend Policy Dynamics within the Banking Sector: Insights from Global and U.S. Financial Data and Existing Literature. Asian Journal of Economics, Business and Accounting. 2023;23(23): 179–199.

DOI: https://doi.org/10.9734/ajeba/2023/v2 3i231180

Olaniyi OO. Ballots and padlocks: building digital trust and security in democracy through information governance strategies and block chain technologies. Asian Journal of Research in Computer Science. 2024;17(5):172–189. DOI: https://doi.org/10.9734/ajrcos/2024/v 17i5447

Al-Ahmad W, Mohammad B, Young E. Addressing information security risks by adopting standard. International Journal of Information Security Science Walid Al-Ahmad. 2013;2(2) Available:https://dergipark.org.tr/en/download/article-file/147957

Olabanji SO, Marquis YA, Adigwe CS, Abidemi AS, Oladoyinbo TO, Olaniyi OO. Ai-driven cloud security: examining the impact of user behavior analysis on threat detection. Asian Journal of Research in Computer Science. 2024;17 (3):57–74. DOI: https://doi.org/10.9734/ajrcos/2024/v 17i3424

ISO, “Standards. ISO; 2019. Available:https://www.iso.org/standards.html

DataGuard. 12 Benefits of ISO 27001 Compliance and Certification - DataGuard,” www.dataguard.co.uk; 2023. Available:https://www.dataguard.co.uk/blog/benefits-of-iso-27001

Lopes IM, Guarda T, Oliveira P. How ISO 27001 Can Help Achieve GDPR Compliance, 2019 14th Iberian Conference on Information Systems and Technologies (CISTI); 2019. DOI:https://doi.org/10.23919/cisti.2019.87 60937

Adigwe CS, Olaniyi OO, Olagbaju OO, Olaniyi FG. Leading in a time of crisis: the coronavirus effect on leadership in America. Asian Journal of Economics, Business and Accounting. 2024;24(4):1–20. DOI: https://doi.org/10.9734/ajeba/2024/v2 4i41261

Olabanji SO, Oladoyinbo TO, Asonze CU, Adigwe CS, Okunleye OJ, Olaniyi OO. leveraging fintech compliance to mitigate cryptocurrency volatility for secure us employee retirement benefits: Bitcoin ETF case study. Asian Journal of Economics, Business and Accounting. 2024;24(4):147–167.

DOI:https://doi.org/10.9734/ajeba/2024/v24i41270

Luke Irwin. Benefits of ISO 27001 Certification. IT Governance Blog En; 2018. Available:https://www.itgovernance.eu/blog/en/benefits-of-iso-27001-certification

Mayeke NR, Arigbabu AT, Olaniyi OO, Okunleye OJ, Adigwe CS. Evolving access control paradigms: A comprehensive multi-dimensional analysis of security risks and system assurance in cyber engineering. 2024;17(5):108–124. DOI:https://doi.org/10.9734/ajrcos/2024/v17i5442

Violino B. IT risk assessment frameworks: Real-world experience. CSO Online; 2010. Available:https://www.csoonline.com/article/2125140/it-risk-assessment-frameworks-real-world-experience.html

Al-Dhaqm A, Razak SA, Ikuesan RA, Kebande VR, Siddique K. A review of mobile forensic investigation process models. IEEE Access. 2020;8:173359–173375. DOI:https://doi.org/10.1109/access.2020.3014615

Arigbabu AT, Olaniyi OO, Adigwe CS, Adebiyi OO, Ajayi SA. Data governance in AI - enabled healthcare systems: A case of the project nightingale. Asian Journal of Research in Computer Science. 2024; 17(5):85–107. DOI:https://doi.org/10.9734/ajrcos/2024/v17i5441

Pawlaszczyk D. Mobile Forensics – The End of a Golden Age? Journal of Forensic Sciences and Criminal Investigation. 2022;15(4). DOI:https://doi.org/10.19080/jfsci.2022.15.555917

Olaniyi OO, Okunleye OJ, labanji SO. Advancing data-driven decision-making in smart cities through big data analytics: A comprehensive review of existing literature. Current Journal of Applied Science and Technology. 2023;42(25):10–18. DOI:https://doi.org/10.9734/cjast/2023/v42i254181

EclipseForensics. Computer Forensics vs. Mobile Forensics: What’s the Difference? Eclipse Forensics; 2023. Available:https://eclipseforensics.com/computer-forensics-vs-mobile-forensics-whats-the-difference/#:~:text=In%20computer%20forensics%2C%20the%20devices

Adigwe CS, Mayeke NR, Olabanji SO, Okunleye OJ, Joeaneke PC, Olaniyi OO. The evolution of terrorism in the digital age: Investigating the adaptation of terrorist groups to cyber technologies for recruitment, propaganda, and cyberattacks. Asian Journal of Economics, Business and Accounting. 2024;24(3):289–306 DOI:https://doi.org/10.9734/ajeba/2024/v24i31287

Brown SC. Forensics detective says Android phones are now harder to crack than iPhones. Android Authority; 2020. Available:https://www.androidauthority.com/android-encryption-forensics-1078668/

Culot G, Nassimbeni G, Podrecca M, Sartor M. The ISO/IEC 27001 information security management standard: Literature review and theory-based research agenda. The TQM Journal. 2021;33(7):76–105. DOI: https://doi.org/10.1108/tqm-09-2020-0202

Nelson B. Top Security Threats of Smartphones (2022). Reader’s Digest; 1970. Available:https://www.rd.com/article/mobile-security threats/#:~:text=Mobile%20security%20threats%20are%20on

Drolet M. Council Post: ISO 27001 Certification: What It Is And Why You Need It Forbes; 2022. Available:https://www.forbes.com/sites/forbestechcouncil/2022/03/23/iso-27001-certification-what-it-is-and-why-you-need-it/?sh=33e7ee1041a6 (accessed Apr. 06, 2024)

Mirtsch M, Kinne J, Blind K. Exploring the Adoption of the International Information Security Management System Standard ISO/IEC 27001: A Web Mining-Based Analysis. IEEE Transactions on Engineering Management. 2020;68(1):1–14. DOI:https://doi.org/10.1109/tem.2020.2977815

Lutkevich B. What is Computer Forensics (Cyber Forensics)? Security; 2023 Available:https://www.techtarget.com/searchsecurity/definition/computer-forensics Offer=abt_pubpro_AI-Insider

Nnoli H, Lindskog D, Zavarsky P, Aghili S, Ruhl R. The governance of corporate forensics using cobit, nist and increased automated forensic approaches. IEEE Xplore; 2012. Available:https://ieeexplore.ieee.org/document/6406300 (accessed Nov. 23, 2021)

Olabanji SO, Oladoyinbo OB, Asonze CU, Oladoyinbo TO, Ajayi SA, Olaniyi OO. Effect of adopting ai to explore big data on personally identifiable information (PII) for financial and economic data transformation. Asian Journal of Economics, Business and Accounting. 2024;24(4):106–125.

DOI:https://doi.org/10.9734/ajeba/2024/v24i41268

Olabanji SO. Ai for identity and access management (IAM) in the cloud: Exploring the potential of artificial intelligence to improve user authentication, authorization, and access control within cloud-based systems. Asian Journal of Research in Computer Science. 2024;17(3):38–56.

DOI:https://doi.org/10.9734/ajrcos/2024/v17i3423

Daah C, Qureshi A, Awan I, Konur S. Enhancing zero trust models in the financial industry through blockchain integration: A proposed framework. Electronics. 2024;13(5):865.

DOI:https://doi.org/10.3390/electronics13050865

Mızrak F. Integrating cybersecurity risk management into strategic management: A comprehensive literature review. Journal of Business, Economics and Finance; 2023 DOI:https://doi.org/10.17261/pressacademia.2023.1807

Al-Mhiqani M, Ani U, Watson J, He H. Taxonomy of emerging security risks in digital railway. Springer proceedings in complexity (Print). 2024;251–281. DOI: https://doi.org/10.1007/978-981-99-6974-6_15

Roshanaei M. Enhancing mobile security through comprehensive penetration testing. Journal of Information Security. 2024;15(2):63–86. DOI:https://doi.org/10.4236/jis.2024.152006

AL-Dosari K, Fetais N. Risk-management framework and information-security systems for small and medium enterprises (SMES): A meta-analysis approach. Electronics. 2023;12(17):3629.

DOI:https://doi.org/10.3390/electronics12173629

Efe A. A comparison of key risk management frameworks: COSO-ERM, NIST RMF, ISO 31.000, COBIT. Denetim ve Güvence Hizmetleri Dergisi. 2023;3(2):185–205. Available: https://dergipark.org.tr/en/pub/audas/issue/79262/1291915

Marquez-Tejon J, Montserrat Jiménez Partearroyo, Benito- Osorio D. Integrated security management model: a proposal applied to organisational resilience. Security Journal; 2023. DOI: https://doi.org/10.1057/s41284-023-00381-6

AL-Hawamleh A. Cyber resilience framework: Strengthening defenses and enhancing continuity in business security. International Journal of Computing and Digital Systems. 2024;15(1):1315–1331. DOI: https://doi.org/10.12785/ijcds/150193

IBM. Database Security: An Essential Guide. IBM; 2023.

Available:www.ibm.com Available:https://www.ibm.com/topics/database-security

Saeed S, Suayyid SA, Al-Ghamdi MS, Al-Muhaisen H, Almuhaideb AM. A systematic literature review on cyber threat intelligence for organizational cybersecurity resilience. Sensors. 2023;23(16):7273. DOI: https://doi.org/10.3390/s23167273