Exploring Customer Awareness towards Their Cyber Security in the Kingdom of Saudi Arabia: A Study in the Era of Banking Digital Transformation

. The annual rate of cybersecurity breaches has risen in the last few years, exposing millions of records in some cases. The average data breach cost in 2021 was a massive $4.24 million. This study examines customer awareness and satisfaction with cybersecurity in the context of the digital transformation of banking in Saudi Arabia. The study is empirical and based on the data collected from 355 banking customers in Saudi Arabia. Three signi ﬁ cant aspects of cybersecurity, including cyberattacks, phishing, and hacking, have been analyzed through various dimensions. Customer satisfaction with bank cybersecurity assistance and their expectations of technical support and services on cybersecurity has also been studied. ANOVA and bivariate regression analysis are used to study the impact of cyberattack, phishing, hacking, cybersecurity assistance, and expectations on cybersecurity ’ s technical awareness on customer satisfaction. The results show that digital transformation has boosted the banking sector, and users bene ﬁ t from online services. However, an increase in the awareness level of customers on cyberattack, phishing, and hacking activities will in ﬂ uence customers ’ satisfaction with digital transactions. The results also revealed that customers need more satisfaction on security level aspects from the bank ’ s side, and banks should provide regular training programs to safeguard customers from cyberattacks. If banks prepare more secure cybersecurity management, their long-term sustainability goals could be easily achieved.


Introduction
Digital transformation in the banking sector can be viewed as a great opportunity but brings multiple challenges also. Mobile banking and Internet banking are straightforward approaches in doing multiple financial transactions in banking digital transformation. While customers benefit from such services, the threat and possibility of cyberattacks also become a significant challenge for these digital services. Cyberattacks, banking fraud, hacking, phishing, and security awareness are significant challenges resulting from digital transformation in the banking sector. Generally, customers' awareness of cybersecurity could be more questionable in various aspects. They need to know how to use technology safely while using the banks' digital platforms. Customers are usually victims of cyberattacks, phishing, and hacking, leading to digital/cyber literacy among the bank's customers. A significant challenge for the banking sector is the advancement and innovation of digital technology. It has been considered an opportunity for growth and development in the present business model of the bank and a threat to the sustainability of the bank's business existence [1,2]. Information technology also plays an essential role in such a kind of digital transformation. It provides operation support on various technical aspects and offers a platform for significant innovation in digital services [3]. There is a significant discussion required on monitoring the bank's cybersecurity. In the digital transformation, banks are now proceeding to digitize all banking services, including customers' confidential data, stored and flowing from one place to another over a network. Several cyberattacks occur on these services because mobile banking and Internet banking users are less aware. Banks must strengthen their cybersecurity policies to safeguard against such attacks and increase customer satisfaction. Active awareness is also required towards ATM skimming among banking customers so that they can safeguard themselves against such types of fraud. The widespread problem of ATM skimming requires targeted action. It is called ATM skimming when skimming devices, like the rain cover and fake keypad, are installed on ATM machines. Card skimming is a significant contributor to the financial sector's already widespread card fraud problem.
Cybersecurity awareness has become a critical parameter to safeguard our mobile banking apps and Internet bankingrelated activities in the digital transformation of banking activities. The study covers three essential types of cybersecurity such as cyberattacks, hacking, and phishing. It is essential to explore and understand the awareness level of mobile banking apps and Internet baking users regarding their cybersecurity to protect them from cyberattacks. The present study will help customers understand various general and technological aspects of their cybersecurity. It will also help banks understand the present satisfaction level of customers on bank's security, cybersecurity assistance offered by the bank, and their expectations on technological support cybersecurity services.

Literature Review
Several studies have been conducted to determine the importance of cybersecurity, digital transformation adoption, and digital transformation in the financial sector, particularly in the banking sector. According to a prior study, traditional banks become more exposed to cyberattacks after cooperating with fintech companies [4,5]. Skinner [6] has illustrated the impact of social networks on digitization in various industries. The study also looked at how digital disruption is affecting conventional social interactions. The growing usage of mobile devices is another important factor that has benefited the digital transformation process. The use of mobile banking apps climbed 19 percentage points between 2013 and 2014, according to a Bain & Company survey of digital clients from 22 countries, while the use of computer-based banking services remained virtually steady [7]. The term "digitalization" was initially created in 2000, and it has since become a significant driver of digital transformation, enabling a wide range of business models and organizations [8]. Acts that potentially harm an organization's assets are classified as threats. Cyberattacks wreak havoc on software, hardware, and data in particular. Microsoft created STRIDE, a standard threat classification system [9].
Digital transformation is described by Stolterman and Fors [10] as "the changes that digital technology entails or effects on all facets of human life." Digitization was initially described as converting text and images into binary digits. This makes it possible to manage, copy, and distribute data at a cheap cost on a large scale at an affordable price [11]. Digital systems and platforms evolve, resulting in new prod-ucts, services, business models, and behaviours, as well as new working approaches and more efficient business process development opportunities, all of which impact society [11]. Customer satisfaction, experiences, awareness, and expectations are all elements to examine when evaluating recent digital transformation developments. Mbama and Ezepue believe that a positive customer experience is associated with higher customer satisfaction and loyalty (2016, p.250). Customers' experiences with digital banking are influenced by various elements, including the quality of their contacts with staff, the quality of their services, perceived usability, perceived risk, and observed value ( [12], p.250).
Improved client experience can be achieved by providing high levels of security, increasing the quality of service provided, and providing value-added services. As the number of people who use digital banking to access bank services grows, more resources should be allocated to mobile banking services, which are becoming increasingly popular ( [12], p.250). To provide a pleasant customer experience, banks must first understand the needs of their customers. Therefore, financial institutions recommend constant communication with consumers ( [12], p.250). According to Jamal and Naser [13], consumer satisfaction is defined as the feeling or attitude a client has toward a product or service after using or receiving it. Customer satisfaction is a critical marketing approach since it connects multiple stages of a consumer's buying transaction in a single transaction ( [13], p.147). Electronic financial services are driven by several factors, including technology, globalization, regulation, entrepreneurship, money, and competition ( [14], p.367). Therefore, a new reality will form the future of digital banking, where e-money can be easily moved without needing a financial institution to facilitate the transfer of funds ( [14], p.391).
Due to the vulnerability of the digital banking industry to a range of cyberattacks, security has become a priority. Banks are expected to maintain and upgrade security measures such as virus controls, password protection, intrusion detection, and technical system updates regularly, according to federal regulations ( [14], p.392). Banks' expanded digital offerings necessitate developing more comprehensive technology solutions that are safe, secure, and dependable. Additionally, this technical design must connect the bank's legacy systems to a common thread across them ( [14], p.392).
According to Mukherjee and Nath [15], the banking industry also suffers from trust due to digitalization. One of the study's key findings was a model of trust for online relationship banking, which indicated that trust is crucial for customers' commitment to online banking [15]. Banks must adapt to their client's changing needs as they migrate to the Internet, but the issue is that most banks still need to prepare [16].
The findings of Fiserv's research measuring the value of digital interaction show that digital banking results in the enhanced generation of revenue, enlarged product holdings and customer retention, decreased customer attrition, and more activities of the transaction [17].
To produce profit for their shareholders, banks must change how they communicate with their customers, and 2 Human Behavior and Emerging Technologies technology plays an increasingly important role. However, rather than being only a transaction processor, this needs a change to long-term business partnerships with consumers and suppliers ( [14], p.366). Banks are already aware of their future route, according to Lebo [18], and are seeking to minimize worries by bringing in digital expertise, becoming more customer-centric, and delivering requested services. Al-Alawi et al. [19] stated that it might be more challenging to identify and prioritize risks and decide which protocols to address threats because banks' cyber responsibilities are spread across numerous divisions. Cawley [20] suggests that the banking sector needs help keeping up with high-tech innovation trends, particularly laws regulating banking system operations. Two-factor authentication, according to Cawley, is a security measure used to defend client bank accounts against online intrusions.
According to Kuepper [21], due to their prompt reporting of stolen funds to the bank, clients experience minimal losses due to banking cyberattacks. In order to minimize each of these threats, significant expenditures in technology and training are necessary ( [22], p. 10). Additionally, customers must cooperate, be aware of the numerous cyber dangers, and respect privacy regarding security measures.
Claessens et al. [23] report that a range of frauds or cybercrimes, such as ATM fraud, cyber money laundering, and credit card fraud, has been seen in the banking industry. Because the banking industry's defensive mechanism has several flaws, Florêncio and Herley [24] contend that strategies to increase awareness of the actions that may be taken to combat cybercrime in the banking sector are needed. Lallie et al. [25] concentrated on cyberattacks and epidemic-related cybercrime. This study's findings can raise people's knowledge of other institutions, such as the government, the media, and other organizations. The study's findings can be used to educate the general public on the procedures that should be done to prevent cyberattacks and other crimes [25].
Information security is dependent on three main pillars: people, processes, and technology, according to a study on cybersecurity through employee hacking [26]. The empirical results of surveys and in-depth interviews with information security managers and users indicate a digital divide between these groups regarding their perspectives and experiences with information security practices [27]. Da Veiga and Eloff [28] proposed a framework to cultivate an organization's information security culture and provide examples of its use. The research highlighted the significance of establishing an information security culture that institutionalizes information security throughout the organization to address behavioural issues. A well-established culture of information security can help reduce the dangers posed by staff members' careless handling of data.
However, this importance depends on users' capacity to make important information security decisions. Information security risks must be explained to all users and their responsibilities for the security process [29]. The cyberbreach of fintech firms increases traditional banks' risk and fraud exposure [30]. As a result, fintech firms must ensure that they follow the cybersecurity rules of the countries where they do business.
According to Lewis and Baker [31], the rise in cybercrime has correlated with the financial inclusion of fintech companies. According to studies, hackers are increasingly targeting fintech organizations and the businesses of their partners [32]. The banking industry's most serious issue is the need for more technological adoption. One source of danger for Internet banking customers is their behaviour regarding online banking [33]. If an Internet banking security risk exists, monetary losses may occur. Security breaches are becoming more widespread in the banking and finance industries [34].
The existing literature primarily focused on customers' preferences, contentment, and experiences with cybersecurity. However, researchers did not find any significant studies focusing on customer awareness of cybersecurity factors and their impact on their satisfaction with banking services. Researchers also discovered a significant research gap in customers' satisfaction with current cybersecurity help provided by banks and their expectations for technical support and cybersecurity awareness programs from banks. The current research is aimed at filling this gap.

Objectives of the Study
This study has been done keeping in view the following objectives: (1) To analyze the customer's cybersecurity awareness, including cyberattacks, phishing attacks, and hacking (2) To determine the customer's satisfaction with the bank's monitoring and cybersecurity services (3) To find out the customer's expectations from banks to make them aware of cybersecurity

The Research Model and Hypotheses
Based on the analysis of the literature review and the advice of the expert in cybersecurity, the study identified five independent variables: cyberattacks, phishing attacks, hacking, cybersecurity services and assistance offered by banks, and technical support and training and development on cybersecurity by banks. To understand the impact of these variables, the study identified two dependent variables: customer awareness of cybersecurity and customer satisfaction with cybersecurity. To measure the study's objectives, these variables were used to create the proposed hypothesis and became the background of the proposed research model.
The following hypotheses are being tested following the study's stated goals and proposed model: H1. Customer's awareness of cyberattack will influence the customer's awareness of cybersecurity H2. Customer's awareness of phishing attacks will influence the customer's awareness of cybersecurity H3. Customer's awareness of hacking of mobile apps and Internet banking activities will influence the customer's awareness of cybersecurity 3 Human Behavior and Emerging Technologies H4. Customers' satisfaction will be influenced by robust cybersecurity services and assistance offered by banks H5. Customers' satisfaction will be influenced by technical support and training and development on cybersecurity by banks The conceptual framework used in this study is shown in Figure 1.

Methodology
5.1. Data Collection and Sampling. The research method used in this study is descriptive and quantitative. The study incorporated both primary and secondary data. Primary sources include a structured questionnaire. The secondary sources include research articles, journals, business magazines, and published literature.
A structured questionnaire, constructed with the help of available literature, was utilized to collect the data from the respondents. The questionnaire contained 29 questions related to awareness of cyberattacks, hacking, and phishing activities, by which users are generally affected and become victims of such attacks. To formulate the survey questions, an extensive literature review was conducted. The previously published papers were studied and thoroughly examined to explore the possible literature related to the present study. The literature was used to create the statement-based questions which became part of our questionnaire. We also referred to the YouTube video of the cybersecurity experts and explored their comments in designing the questions for the questionnaire. The 29 questions used in the survey questionnaire result from this process.
We also pretested the questionnaire with 55 respondents, and after successful testing of the questionnaire, the final questionnaire was sent for data collection. Convenience random sampling, a nonprobability sampling, was used to collect the data. Questions related to customers' satisfaction with cybersecurity assistance provided by the banks and their expectations of the technical support were also included in the questionnaire. The responses were measured using a five-point Likert scale, where 5 = strongly agree and 1 = strongly disagree. The data was gathered by the convenience sample method. Three hundred and fifty-five people responded to the questionnaire and submitted their responses.

Data Analysis.
The data gathered in this study were analyzed using a statistical package for social sciences (SPSS). Appropriate statistical tools were used to examine the collected data. A descriptive statistic was employed to describe the frequencies and percentages of the respondents' demographic profiles. The relationship between the variables was examined using correlation analysis. The hypotheses were tested using analysis of variance (ANOVA) and regression analysis.
The study's analysis is divided into two sections. The customer's awareness of cyberattacks, phishing, and hacking was investigated in the first section. The second section examined the customer's satisfaction with cybersecurity awareness assistance by the bank and technological support, training, and development on cybersecurity awareness. Table 1 summarizes the respondents' demographic characteristics. 292 (82.82%) of the 355 responders were men, while 61 (17.18%) were women. 14 (3.94%) respondents were under the age of 20, 200 (56.34%) respondents were between the ages of 20 and 40, 89 (25.07%) respondents were between the ages of 40 and 50, 44 (12.39%) respondents were between the ages of 50 and 60, and 8 (2.25%) respondents were over the age of 60. 35 (9.86%) respondents had a diploma, 145 (40.85%) had a bachelor's degree, 140 (39.44%) had a master's degree, and 35 (9.86%) had a Ph.D. A total of 188 respondents (52.96%) were self-employed, 137 (38.59%) worked for the government, and 30 (8.45%) had their enterprises. 347 (97.75%) of the participants had bank accounts, while 8 (2.25%) did not have bank accounts. For their financial transactions, many respondents chose mobile banking and Internet banking on laptops and desktops, which is a good indicator for analysis. The descriptive statistics in Table 2 are based on the mean, standard deviation, and minimum and maximum values. Table 2 represents the descriptive statistics of independent variables. By observing the mean, standard deviation, and minimum and maximum values indicated in Table 2, it could be summarized that all three variables have a significant role in the customer's awareness of cybersecurity. However, the impact of hacking has a high impact as compared to phishing and cyberattacks.

Descriptive Statistics.
We have also analyzed the individual score of each activity, and based on mean values, it was found that the customers are aware of cyberattacks, phishing, and hacking. However, there are a few activities of which they need more awareness. Customers need to gain more knowledge about getting secured against all types of cyberattacks and how to protect mobile banking apps and Internet banking from cyberattacks, phishing, and hacking while using them on smartphones and laptops/desktops. Customers also do not use a separate smartphone and laptop/desktop for online banking services; however, it is strongly recommended. Customers' knowledge is also less in case of awareness on identifying suspicious phone calls, e-mails, and SMS causing phishing attacks. Most customers also do not use a firewall program to safeguard laptops/desktops from unauthorized access. Customers generally do not give preference awareness about the safety features of the Internet while using banking activities on smartphones and laptops/desktops and use the on-screen virtual keyboard for providing the password for mobile banking apps and Internet banking because it decreases the chance of password theft.

Reliability Test.
The reliability analysis (Cronbach's alpha) was used to analyze the internal consistency of the constructs. SPSS was used to examine the reliability of each construct. Reporting Cronbach's alpha coefficient for measuring the internal consistency reliability is essential for the scales if Likert-type scales have been used in a research  5 Human Behavior and Emerging Technologies method [35]. Table 3 summarizes the constructions' reliability as well as their interpretations. Cronbach's alpha ranged from 0.812 to 0.901, indicating that the internal consistency of the data acquired was of good level and reliable. This demonstrates that the scale used to collect data was trustworthy and sufficient for the inquiry. Table 4 shows the relationship between the dependent variables and independent variables. Typically, the test results are contrasted using Pearson's correlation coefficient [36]. According to Litwin [37], a correlation coefficient value of less than 0.7 is considered good. There was a significant association among awareness of cyberattacks (r ð355Þ = 0:35, p < 0:05), awareness of phishing attacks (r ð355Þ = 0:13, p < 0:05), awareness of hacking (r ð355Þ = 0:51, p < 0:05), and customer's awareness of cybersecurity.

Regression Analysis.
Bivariate regression analysis was utilized to test the study's hypotheses. The ANOVA of the three regression predictor model is shown in Table 5. The findings of the regression analysis are summarized in Table 6, and the coefficients of the regression models are shown in Table 7. At the 0.05 level of significance, all three predictors significantly impacted the customer's awareness of cybersecurity.
Referring to Table 7, the third predictor has the most significant impact on the customer's awareness of cybersecurity (β = 0:500, t = 6:413, p < 0:05). The impact of the first predictor (β = 0:319, t = 4:005, p < 0:05) is after the third predictor. However, the impact of the second predictor was not found to be significant in the model (β = 0:158, t = 6:1:509, p > 0:05). Table 8 represents the descriptive statistics of independent variables. Table 8 shows that cybersecurity awareness assistance by the bank to their existing customers is appropriate, and they have significant awareness of these types of assistance. However, as per the mean value, it is revealed that customers need more technological support, training, and development on their cybersecurity. Table 9 shows the correlation between the dependent and independent variables. There was a strong correlation between cybersecurity awareness assistance by the bank (r ð355Þ = 0:40, p < 0:05), technological support, training and development on cybersecurity awareness (r ð355Þ = 0:44, p < 0:05), and customer's satisfaction with cybersecurity.

Regression
Analysis. The ANOVA for the two regression predictor models is depicted in Table 10. Table 11 presents a summary of the regression analysis results, whereas Table 12 presents the coefficients of the regression models. At the 0.05 level of significance, it was proven that both predictors were statistically significant and that they had a statistically significant effect on the customer's satisfaction with cybersecurity.
According to the values of Table 12, the first predictor has the most significant impact on the customer's satisfaction with cybersecurity (β = 0:465, t = 4:777, p < 0:05). The impact of the second predictor (β = 0:366, t = 5:321, p < 0:05) is after the first predictor. Both predictors were found to be significant in the model.

Results and Discussion
The main objective of this research is to investigate and explore the customer's awareness of cybersecurity in mobile banking apps and Internet banking. The study explores the customer's awareness of cyberattacks, phishing, and hacking. The study is also aimed at assessing the customer's       satisfaction with cybersecurity services offered by the banks and their expectation of technical support and cybersecurity awareness program provided by banks. The study is divided into two parts. In the first part, the customer's awareness of cybersecurity was analyzed, focusing on cyberattacks, phishing, and hacking. In the second part of the study, the customer's satisfaction with the cybersecurity assistance and customer's expectations from the bank related to cybersecurity was studied.
It is highly suggested to raise the awareness of banking sector cybercrime prevention techniques due to the banking industry's flawed defense mechanism [24]. The results of the ANOVA indicated that customers are aware of cyberattacks, phishing attacks, and hacking, but the level of awareness is not the same in all three types of attacks. Awareness level is more in cyberattacks and hacking but less in phishing attacks.
The first independent variable, cyberattack, is significant in customer satisfaction, indicating that customer satisfaction with cyberattack awareness is satisfactory. If banks increase customer awareness of cyberattacks, their satisfaction with digital services will increase. The second independent variable, phishing, is found insignificant in customer satisfaction, indicating that customer satisfaction with phishing awareness could be more satisfactory. This insignificance is due to the customers' awareness of the identification of such e-mails, phone calls, and SMS, which cause phishing attacks, which is significantly less. We did not find any evidence from sample data about phishing attacks; however, the data shows that customers are aware of this attack.    The third independent variable, hacking, is significant in customer satisfaction, indicating that customer satisfaction with hacking awareness is satisfactory. This signifies that customers will be more satisfied with the banks' digital services when they increase their awareness of hacking-related information.
In the second part of the analysis, the bank's first independent variable, cybersecurity assistance, is found to be significant in customer satisfaction, indicating that customers require more cybersecurity features from banks to safeguard them against all types of cyberattacks. The second independent variable, the customer's expectation of technical support and training and development on cybersecurity, is also significant in customer satisfaction. This indicates that customers need a technical support facility where their smartphone or laptop/desktop on which they frequently use mobile banking apps and Internet banking should be checked by banks regularly. Customers also require regular training by banks in using mobile banking applications and Internet banking to increase their awareness of cybersecurity.
According to employee hacking research, information security depends on people, processes, and technology [26]. The results drawn from this study will be helpful for customers to understand the importance of types of cybersecurity, and they will understand which activity is labelled as cyberattack, phishing, and hacking. Users' information security decision-making abilities determine this importance. Users must understand information security threats and their security duties [29]. The study will help them to understand the significance of cybersecurity awareness so that the chance of such attacks could be decreased. Device management and updating are essential to cybersecurity [38]. The customers will be required to increase their awareness level on various technical and user interface-related aspects by which they can reduce the chance of getting cyber victims. The study suggests that banks understand the role of cybersecurity awareness on customer satisfaction and make solid efforts to increase the cybersecurity awareness of their customers. The results also suggest that the Saudi Arabian Monetary Authority, the regulator of the banking sector in Saudi Arabia, should motivate banks to organize cybersecurity awareness camps and regular training and development on technical assistance to use mobile banking apps and Internet banking services for their customers from safeguarding them from possible cyberattacks.

Conclusions and Implications
The present study provides a better platform and a greater understanding of various issues related to cybersecurity awareness among customers and its influence on their satisfaction level. There has been an enormous increase in mobile banking and Internet banking in the digital transformation era. This facility provides multiple benefits such as easy online money transfer up to a specific limit, payment of utility bills, recharge, and many more. Some important implications could be drawn based on the study's findings and analysis. According to the results, customers are aware of cybersecurity, and their level of awareness influences their satisfaction with digital banking services. Cybersecurity indicators, cyberattacks, and hacking are significant predictors, and one indicator, phishing, is an insignificant predictor for the dependent variable, customer satisfaction. The descriptive statistics analysis shows that customers know about cyberattacks, phishing, and hacking. To increase their satisfaction with cybersecurity, they need technical assistance from the bank and regular training and development. ANOVA results indicated a difference in the awareness level of customers' satisfaction with cyberattack, phishing, and hacking. The correlation between dependent and independent variables is also found to be significant.
The correlation between cyberattack and hacking is more significant than phishing on customer satisfaction. Further, a significant correlation is found between cybersecurity assistance by the bank and technical support on customer satisfaction.
It can be concluded that irrespective of customers' present awareness of their cybersecurity, they will be more satisfied if banks get them educated on cyberattacks, phishing attacks, and hacking. If a bank organizes regular cybersecurity awareness camps and provides necessary training and development on technical support to their customers, their satisfaction level with banking digital services will increase.

Data Availability
The data used to support the findings of this study are included within the article.

Conflicts of Interest
The authors declare that they have no conflicts of interest.