FACTORS INFLUENCING ON CYBER SECURITY THREATS IN E-COMMERCE PRACTITIONERS: EVIDENCE

FROM CENTRAL PROVINCE OF SRI LANKA

In recent years, the global landscape of commerce has witnessed a significant shift towards
online platforms, with e-commerce becoming an integral component of modern business
operations. The Central Province of Sri Lanka, like many regions around the world, has
embraced this digital transformation, witnessing a surge in the adoption of e-commerce by
businesses of all sizes. While this transition has brought about numerous benefits, it has also
exposed e-commerce practitioners to an array of cybersecurity threats that have the potential to
compromise the confidentiality, integrity, and availability of sensitive data. The research explores
the evolving cyber threats and vulnerabilities faced by businesses in the context of commerce. It
delves into the tactics and strategies employed by cybercriminals, examining the most common
forms of cyberattacks, including data breaches, ransomware, and phishing, and their
consequences on commerce stakeholders.

The explosive growth of e-commerce has brought immense benefits, but also spawned a
burgeoning threat landscape. Understanding the factors influencing cyber security threats in this
domain is crucial for safeguarding businesses and consumers.

E-commerce is booming, attracting more businesses and consumers daily. This rapid expansion
creates a vast and ever-evolving attack surface for cybercriminals. Complex platforms, diverse
payment methods, and mountains of stored data exacerbate the challenge of securing these
systems. (Source: Cavusoglu et al., 2020)

Cybercriminals are relentless innovators, constantly devising new attack methods. While
traditional phishing and malware persist, targeted attacks, ransomware, and data breaches are on
the rise. New technologies like blockchain and AI introduce fresh vulnerabilities eagerly
exploited by attackers. (Source: Alshammari & Al-Omar, 2019)

Many e-commerce practitioners, especially small and medium-sized businesses, lack the
awareness and resources to implement robust cybersecurity measures. Limited budgets,
inadequate training, and a false sense of security leave them vulnerable to basic attacks. A weak
cybersecurity culture can lead to human errors and insider threats, further complicating matters.
(Source: Dwivedi et al., 2019)
Personal and financial data collected by e-commerce businesses has become immensely
valuable, attracting cybercriminals. This data fuels identity theft, fraud, financial gain, and even
blackmail. The demand for personalized shopping experiences amplifies the risk, as businesses
collect and store even more sensitive customer information. (Source: OECD/G20 Global Forum
on Digital Economy, 2018)

A complex and evolving regulatory landscape governs the e-commerce industry, with various
data privacy and security laws in place. Keeping up with these regulations and ensuring
compliance can be a significant burden, especially for businesses operating across borders. Non-
compliance can lead to hefty fines, reputational damage, and even business closure. (Source:
OECD/G20 Global Forum on Digital Economy, 2018)

The interconnected nature of the internet allows cybercriminals to operate from anywhere,
targeting businesses and consumers globally. This makes tracking down and holding attackers
accountable difficult, even after successful breaches. International data flows raise complex legal
and jurisdictional issues, further hindering effective law enforcement. (Source: Alshammari &
Al-Omar, 2019)

These factors paint a worrying picture of the e-commerce cybersecurity landscape. However, by
acknowledging these challenges and proactively addressing them, businesses and consumers can
collaboratively build a more secure and resilient digital marketplace

PROBLEM STATEMENT

Even though technology provides tremendous opportunities for the business sector, the
challenges accompanying these opportunities cannot be ignored. One of the challenges is in the
form of a cyber security threat, the intensity of which is increasing day by day.

Cybersecurity threats are escalating in the e-commerce industry, posing significant risks to both
businesses and consumers. Despite the rapid growth and immense potential of e-commerce, a
confluence of factors creates fertile ground for cybercriminals, jeopardizing the security and
sustainability of this vital economic sector. Cavusoglu et al. (2020) highlight the expanding
attack surface in e-commerce due to its rapid growth and complex ecosystem. Dwivedi et al.
(2019) emphasize the lack of awareness and resources among e-commerce practitioners, leaving
them vulnerable to even basic attacks. Alshammari & Al-Omar (2019) point to the evolving
threat landscape, with cybercriminals exploiting new technologies and targeting valuable data.

The rapid proliferation of e-commerce in the Central Province of Sri Lanka has presented a
dynamic and evolving landscape for businesses, with an increasing reliance on digital platforms
for operations and transactions. However, this digital transformation has concurrently exposed e-
commerce practitioners to a heightened risk of cybersecurity threats. The absence of a
comprehensive understanding of the factors influencing cybersecurity threats in this specific
context poses a significant challenge, hindering the development of targeted and effective
security strategies.

This study aims to address this gap by systematically investigating and identifying the factors
influencing cybersecurity threats in e-commerce practitioners within the Central Province of Sri
Lanka. Through a thorough examination of these factors, the research intends to contribute
actionable insights that can inform the development of targeted cybersecurity strategies, policy
recommendations, and educational initiatives to enhance the overall cybersecurity resilience of e-
commerce operations in the region. By doing so, this study seeks to contribute to the creation of
a secure and resilient digital environment that fosters the sustainable growth of e-commerce in
the Central Province.

Research Questions

1. What are the concerns about the cybersecurity threats in e-commerce?

Research objectives

 The research aims to explore the concerns about cyber security threats in e-commerce
with a focus on social engineering, denial of services, Malware, and Attacks on Personal
Data and provide a managerial solution.

Conceptual Framework
Technology level
Cyber security threats Organizational level
in E-commerce

Human level

Research Methodology
ITEM Approach

Research philosophy positivism

Research approach Deductive

Data collection method Journals, articles

Sampling technique Simple random sampling

Unit of analysis Individual

Data collection method Descriptive analysis, Pearson correlation Analysis

Study setting Non contrived

References
Abdelhamid, M., Kisekka, V., and Samonas, S. (2019). Mitigating e-services avoidance: the role of
government cybersecurity preparedness. Inform. Comput. Secur. 27, 26–46. doi: 10.1108/ICS-02-2018-
0024.

Ahmadian, S. (2021). Review of e-commerce service delivery models. Arman Process J. 2, 14–20.

Dykstra, J. (2017). Cyber issues related to social and behavioral sciences for national security.
National Security Agency. White Paper. Availble online at:
https://sites.nationalacademies.org/cs/groups/dbassesite/documents/webpage/ dbasse_177250.pdf
(accessed January 2, 2022).

Hooks, D., Davis, Z., Agrawal, V., and Li, Z. (2022). Exploring factors influencing technology adoption rate
at the macro level: A predictive model. Technol. Soc. 68:101826. doi: 10.1016/j.techsoc.2021.101 826.

Horne, C. A., Ahmad, A., and Maynard, S. B. (2016). “A Theory on information security,” in proceedings of
the Australasian Conference on Information Systems. Wollongong, NSW.

Kian pour, M., Kowalski, S. J., and Øverby, H. (2021). Systematically understanding cybersecurity
economics: A Survey. Sustainability 13:13677. doi: 10.3390/su132413677.

Metalidou, E., Marinagi, C., Trivellas, P., Eberhagen, N., Skourlas, C., and Giannakopoulos, G. (2014). The
human factor of information security: Unintentional damage perspective. Procedia Soc. Behav. Sci. 147,
424–428. doi: 10.1016/j.sbspro.2014.07.133

Pusey, P., and Sadera, W. A. (2011). Cyberethics, cybersafety, and cybersecurity. J. Digit. Learn. Teach.
Educ. 28, 82–85. doi: 10.1080/21532974.2011.1078 4684.

Schatz, D., Bashroush, R., and Wall, J. (2017). Towards a more representative definition of cyber security.
J. Digit. Forensics Secur. Law 12, 1558–7215. doi: 10.15394/jdfsl.2017.1476.

Snihur, Y., Lamine, W., and Wright, M. (2021). Educating engineers to develop new business models:
Exploiting entrepreneurial opportunities in technologybased firms. Technol. Forecast. Soc. Change
164:119518. doi: 10.1016/j.techfore. 2018.11.011.

Team, E. (2022). Must-know cyber-attack statistics and trends, business advice & research. Available
online at: https://www.embroker.com/blog/cyber-attackstatistics (accessed March 27, 2022).

Wirth, A. (2017). The economics of cybersecurity. Biomed. Instrum. Technol. 51, 52–59. doi:
10.2345/0899-8205-51.s6.52.
Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł, Cetin, F., and Basim, H. N. (2022). Cyber security
awareness, knowledge and behavior: A comparative study. J. Comput. Inf. Syst. 62, 82–97. doi:
10.1080/08874417.2020.1712269.