The purpose of this dissertation was to implement an effective information security strategy to prevent e-fraud in a Nigerian commercial bank. The research applied three theoretical frameworks: the NIST Cybersecurity Framework, COBIT 5 for Information Security, and PCI DSS. Using qualitative techniques—group strategy discussions with management and interviews with team leads responsible for information security—the study found that ineffective information security management strategies contributed to escalating e-fraud. The dissertation recommends adopting the NIST Cybersecurity Framework and a layered control approach to effectively combat e-fraud.
Keywords: Cybersecurity; COBIT 5; Preventive Control; Corrective Control; Detective Control; Deterrent Control; Compensating Control; Confidentiality; Integrity; Availability; ISO 27001; PCI DSS; e-fraud prevention.