Cybersecurity Challenge Analysis of Work-from-Anywhere (WFA) and Recommendations guided by a User Study

arXiv - CS - Cryptography and Security Pub Date : 2024-09-11 DOI:arxiv-2409.07567

Mohammed Mahyoub, Ashraf Matrawy, Kamal Isleem, Olakunle Ibitoye

{"title":"Cybersecurity Challenge Analysis of Work-from-Anywhere (WFA) and Recommendations guided by a User Study","authors":"Mohammed Mahyoub, Ashraf Matrawy, Kamal Isleem, Olakunle Ibitoye","doi":"arxiv-2409.07567","DOIUrl":null,"url":null,"abstract":"Many organizations were forced to quickly transition to the\nwork-from-anywhere (WFA) model as a necessity to continue with their operations\nand remain in business despite the restrictions imposed during the COVID-19\npandemic. Many decisions were made in a rush, and cybersecurity decency tools\nwere not in place to support this transition. In this paper, we first attempt\nto uncover some challenges and implications related to the cybersecurity of the\nWFA model. Secondly, we conducted an online user study to investigate the\nreadiness and cybersecurity awareness of employers and their employees who\nshifted to work remotely from anywhere. The user study questionnaire addressed\ndifferent resilience perspectives of individuals and organizations. The\ncollected data includes 45 responses from remotely working employees of\ndifferent organizational types: universities, government, private, and\nnon-profit organizations. Despite the importance of security training and\nguidelines, it was surprising that many participants had not received them. A\nrobust communication strategy is necessary to ensure that employees are\ninformed and updated on security incidents that the organization encounters.\nAdditionally, there is an increased need to pay attention to the\nsecurity-related attributes of employees, such as their behavior, awareness,\nand compliance. Finally, we outlined best practice recommendations and\nmitigation tips guided by the study results to help individuals and\norganizations resist cybercrime and fraud and mitigate WFA-related\ncybersecurity risks.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":"18 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.07567","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Many organizations were forced to quickly transition to the work-from-anywhere (WFA) model as a necessity to continue with their operations and remain in business despite the restrictions imposed during the COVID-19 pandemic. Many decisions were made in a rush, and cybersecurity decency tools were not in place to support this transition. In this paper, we first attempt to uncover some challenges and implications related to the cybersecurity of the WFA model. Secondly, we conducted an online user study to investigate the readiness and cybersecurity awareness of employers and their employees who shifted to work remotely from anywhere. The user study questionnaire addressed different resilience perspectives of individuals and organizations. The collected data includes 45 responses from remotely working employees of different organizational types: universities, government, private, and non-profit organizations. Despite the importance of security training and guidelines, it was surprising that many participants had not received them. A robust communication strategy is necessary to ensure that employees are informed and updated on security incidents that the organization encounters. Additionally, there is an increased need to pay attention to the security-related attributes of employees, such as their behavior, awareness, and compliance. Finally, we outlined best practice recommendations and mitigation tips guided by the study results to help individuals and organizations resist cybercrime and fraud and mitigate WFA-related cybersecurity risks.

查看原文本刊更多论文

随时随地办公 (WFA) 的网络安全挑战分析和用户研究提出的建议

尽管在 COVID-19 大流行期间实施了各种限制，但许多组织仍被迫迅速过渡到 "无处不在"（WFA）模式，以继续开展业务并保持经营。许多决策都是在匆忙中做出的，网络安全体面工具也没有到位，无法为这一过渡提供支持。在本文中，我们首先试图揭示与世界粮食计划署模式的网络安全相关的一些挑战和影响。其次，我们开展了一项在线用户研究，调查雇主及其员工在转向随时随地远程工作方面的准备情况和网络安全意识。用户研究调查问卷涉及个人和组织的不同复原力观点。收集到的数据包括来自不同组织类型（大学、政府、私营和非营利组织）远程工作员工的 45 份回复。尽管安全培训和指南非常重要，但令人惊讶的是，许多参与者并没有接受过这些培训和指南。此外，我们还需要更多地关注员工与安全相关的属性，如他们的行为、意识和合规性。最后，我们概述了以研究结果为指导的最佳实践建议和缓解提示，以帮助个人和组织抵御网络犯罪和欺诈，降低与 WFA 相关的网络安全风险。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Cryptography and Security

自引率

0.00%

发文量