FROM REACTION TO PROACTIVITY, A SUSTAINABLE APPROACH OF CYBER RISK ASSESSMENT

Diana HAIMANA, Irina SEVERIN

Abstract


In an increasingly complex digital environment, organizations face sophisticated cyber threats that challenge traditional risk management models. Although frameworks such as ISO 27001, the NIST Cybersecurity Framework, and the NIS2 Directive exist, many organizations adopt a compliance-focused approach rather than a proactive one. This study examines the transition from reactive to proactive cyber risk management within a financial organization, highlighting the integration of self-assessment processes with advanced technological solutions. The research identifies the key challenges, assesses the impact of the implemented measures, and proposes a structured model for enhancing cyber resilience. The findings suggest that aligning IT security with business objectives and leveraging current technologies contribute significantly to risk reduction and improved organizational preparedness.

References


International Organization for Standardization (ISO), ISO 27001: Information Security Management Systems – Requirements. ISO

International Organization for Standardization (ISO), ISO 31000: Risk Management – Guidelines. ISO, 2018

Cremer, F., Sheehan, B., Fortmann, M., Mullins, M., Murphy, F., Materne, S., Bridging the Cyber Protection Gap: An Investigation into the Efficacy of the Cyber Insurance Market, Risk Management and Insurance Review, Wiley, ISSN 1540-6296, 2024

National Institute of Standards and Technology (NIST), NIST Cybersecurity Framework (CSF). NIST, U.S. Department of Commerce, 2020

ISACA Risk IT Framework: Balancing Cost, Benefit, and Risk in IT Risk Management. ISACA, 2020

Eling, M., Jung, K., Optimism Bias and Its Impact on Cyber Risk Management Decisions, Risk Sciences, Elsevier, ISSN 2950-6298, 1, 2024

Chung, S., One Size Does Not Fit All: The Value of Information and Coexistence of Rating, Risk Management and Insurance Review, Wiley, ISSN 1540-6296, 2024

Society for Risk Analysis (SRA) SRA Glossary: Terminology and Definitions in Risk Analysis. Society for Risk Analysis, August 2018

Tolah, A., Malatji, M., Understanding the Impact of Artificial Intelligence in Shaping Cybersecurity Culture. Applied Sciences, MDPI, ISSN 2076-3417, 2023

Kim, D., Lee, J., Development of a Web-Based Tool for Climate Change Risk Assessment in the Business Sector, Sustainability, MDPI, ISSN 2071-1050, 2016

Björnsdottir, S. H., Jensson, P., Thorsteinsson, S. E., Dokas, I. M., de Boer, R. J., Benchmarking ISO Risk Management Systems to Assess Efficacy and Help Identify Hidden Organizational Risk, Sustainability, MDPI, ISSN 2071-1050, 2022

European Commission, ICT Security in Enterprises, Eurostat, 2024

Meskauskas, Z., Kazanavicius, E., About the New Methodology and XAI-Based Software Toolkit for Risk Assessment, Sustainability, MDPI, ISSN 2071-1050, 2022

Blokland, P., Reniers, G., Achieving Organisational Alignment, Safety and Sustainable Performance in Organisations, Sustainability, MDPI, ISSN 2071-1050, 2021

Poveda-Orjuela, P. P., García-Díaz, J. C., Pulido-Rojano, A., Cañón-Zabala, G., Parameterization, Analysis, and Risk Management in a Comprehensive Management System with Emphasis on Energy and Performance (ISO 50001:2018), Energies, MDPI, ISSN 1996-1073, 2020

Selvaseelan, J., Development and Introduction of the Risk-Sentience Auxiliary Framework (RSAF) as an Enabler to the ISO 31000 and ISO 31010 for High-Risk Environments, Administrative Sciences, MDPI, ISSN 2076-3387, 2018

ISACA, Achieving Data Security and Compliance: How to Safeguard Identity, Protect Information, Reduce Risk and Create Value, ISACA, 2020

Deloitte, 2024 TMT Outlook: Technology – Preparing for a Return to Growth in the Tech Market, Deloitte Insights, 2024

Deloitte, 2025 Technology Industry Outlook, Deloitte Insights, 2025

Deloitte, Technology's Impact on Systemic Risk in Financial Services, World Economic Forum and Deloitte Insights, 2024

Ispas, L., Mironeasa, C., Silvestri, A., Risk-Based Approach in the Implementation of Integrated Management Systems: A Systematic Literature Review. Sustainability, 15, 2023

Kramer, K., Bouriaud, L., Feindt, P. H., van Wassenaer, L., et al., Roadmap to Develop a Stress Test for Forest Ecosystem Services Supply, One Earth, Elsevier, https://doi.org/10.1016/j.oneear.2021.12.009, 2022

European Confederation of Institutes of Internal Auditing (ECIIA) Risk in Focus 2025: Hot Topics for Internal Auditors. ECIIA, 2024
