Cybersecurity Challenge Analysis of Work-from-Anywhere (WFA) and Recommendations guided by a User Study

• URL: http://arxiv.org/abs/2409.07567v1
• Date: Wed, 11 Sep 2024 18:47:04 GMT
• Title: Cybersecurity Challenge Analysis of Work-from-Anywhere (WFA) and Recommendations guided by a User Study
• Authors: Mohammed Mahyoub, Ashraf Matrawy, Kamal Isleem, Olakunle Ibitoye,
• Abstract summary: Many organizations were forced to quickly transition to the work-from-anywhere (WFA) model as a necessity to continue with their operations and remain in business despite the restrictions imposed during the COVID-19 pandemic. This paper attempts to uncover some challenges and implications related to the cybersecurity of the WFA model. We conducted an online user study to investigate the readiness and cybersecurity awareness of employers and their employees who shifted to work remotely from anywhere.
• Score: 1.1749564892273827
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Many organizations were forced to quickly transition to the work-from-anywhere (WFA) model as a necessity to continue with their operations and remain in business despite the restrictions imposed during the COVID-19 pandemic. Many decisions were made in a rush, and cybersecurity decency tools were not in place to support this transition. In this paper, we first attempt to uncover some challenges and implications related to the cybersecurity of the WFA model. Secondly, we conducted an online user study to investigate the readiness and cybersecurity awareness of employers and their employees who shifted to work remotely from anywhere. The user study questionnaire addressed different resilience perspectives of individuals and organizations. The collected data includes 45 responses from remotely working employees of different organizational types: universities, government, private, and non-profit organizations. Despite the importance of security training and guidelines, it was surprising that many participants had not received them. A robust communication strategy is necessary to ensure that employees are informed and updated on security incidents that the organization encounters. Additionally, there is an increased need to pay attention to the security-related attributes of employees, such as their behavior, awareness, and compliance. Finally, we outlined best practice recommendations and mitigation tips guided by the study results to help individuals and organizations resist cybercrime and fraud and mitigate WFA-related cybersecurity risks.

Related papers

• A Survey-Based Quantitative Analysis of Stress Factors and Their Impacts Among Cybersecurity Professionals [0.0]
  This study investigates the prevalence and underlying causes of work-related stress and burnout among cybersecurity professionals. 44% report experiencing severe work-related stress and burnout, while an additional 28% are uncertain about their condition. The demanding nature of cybersecurity roles, unrealistic expectations, and unsupportive organizational cultures emerge as primary factors fueling this crisis.
  arXiv  Detail & Related papers  (2024-09-18T15:18:33Z)
• We need to aim at the top: Factors associated with cybersecurity awareness of cyber and information security decision-makers [0.0]
  We study cybersecurity awareness of cyber and information security decision-makers. Our findings indicate that awareness of well-known threats and solutions seems to be quite low for individuals in decision-making roles.
  arXiv  Detail & Related papers  (2024-04-06T20:32:19Z)
• A Safe Harbor for AI Evaluation and Red Teaming [124.89885800509505]
  Some researchers fear that conducting such research or releasing their findings will result in account suspensions or legal reprisal. We propose that major AI developers commit to providing a legal and technical safe harbor. We believe these commitments are a necessary step towards more inclusive and unimpeded community efforts to tackle the risks of generative AI.
  arXiv  Detail & Related papers  (2024-03-07T20:55:08Z)
• Graph Mining for Cybersecurity: A Survey [61.505995908021525]
  The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society. Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities. With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
  arXiv  Detail & Related papers  (2023-04-02T08:43:03Z)
• Global Pandemics Influence on Cyber Security and Cyber Crimes [5.8010446129208155]
  COVID-19 has caused widespread damage across many areas of life and has made humans more dependent on the internet and technology. This paper examines the different types of security threats and cyber crimes that people faced in the pandemic time and the need for a safe and secure cyber infrastructure.
  arXiv  Detail & Related papers  (2023-02-24T05:26:42Z)
• Towards Automated Classification of Attackers' TTPs by combining NLP with ML Techniques [77.34726150561087]
  We evaluate and compare different Natural Language Processing (NLP) and machine learning techniques used for security information extraction in research. Based on our investigations we propose a data processing pipeline that automatically classifies unstructured text according to attackers' tactics and techniques.
  arXiv  Detail & Related papers  (2022-07-18T09:59:21Z)
• Proceedings of the Artificial Intelligence for Cyber Security (AICS) Workshop at AAAI 2022 [55.573187938617636]
  The workshop will focus on the application of AI to problems in cyber security. Cyber systems generate large volumes of data, utilizing this effectively is beyond human capabilities.
  arXiv  Detail & Related papers  (2022-02-28T18:27:41Z)
• Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses [150.64470864162556]
  This work systematically categorizes and discusses a wide range of dataset vulnerabilities and exploits. In addition to describing various poisoning and backdoor threat models and the relationships among them, we develop their unified taxonomy.
  arXiv  Detail & Related papers  (2020-12-18T22:38:47Z)
• Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
  Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
  arXiv  Detail & Related papers  (2020-10-19T13:09:31Z)
• SMEs' Confidentiality Concerns for Security Information Sharing [1.3452510519858993]
  Small and medium-sized enterprises are considered an essential part of the EU economy, however, highly vulnerable to cyberattacks. This paper presents the results of semi-structured interviews with seven chief information security officers of SMEs to evaluate the impact of online consent communication on motivation for information sharing. The findings demonstrate that online consent with multiple options for indicating a suitable level of agreement improved motivation for information sharing.
  arXiv  Detail & Related papers  (2020-07-13T10:59:40Z)
• Surveying Vulnerable Populations: A Case Study of Civil Society Organizations [9.467149414264039]
  We conducted an anonymous online survey with 102 CSO employees to collect information about their perceived risks of different security and privacy threats. We uncovered several issues with our methodology, including the length of the survey, the framing of the questions, and the design of the recruitment email. We hope that the discussion presented in this paper will inform and assist researchers and practitioners working on understanding and improving the security and privacy of CSOs.
  arXiv  Detail & Related papers  (2020-03-19T05:30:21Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.