Paper 4 (first draft)
docx
keyboard_arrow_up
School
University of Massachusetts, Lowell *
*We aren’t endorsed by this school
Course
1020
Subject
English
Date
Apr 3, 2024
Type
docx
Pages
8
Uploaded by MajorRain12503
THE CYBERSECURITY CHALLENGES IN THE AGE OF REMOTE
WORK
Oluwatunmise Aduwo
Kennedy college of science, University of Massachusetts, Lowell
ENGL 1020; College writing II
Michael Silverman
December 6, 2023
1 | P a g e
Introduction
The unprecedented and unforeseen COVID-19 pandemic of 2020 brought about numerous
transformations in all spheres of life both personal and business-wise, among them being the substantial
upswing in remote work and the corresponding surge in cyberattacks. As someone deeply captivated by
the potential benefits of remote working—such as heightened efficiency, flexibility, and a more
harmonious work-life balance—But what caught my attention was that at the same time, there were
more cyberattacks and data breaches happening. This made me want to understand more about how
remote work and cybersecurity are connected. Remote work, hailed as a flexible arrangement allowing
employees to operate from the confines of their homes or alternative locations, brought forth multiple
advantages. It empowered individuals with the freedom to work seamlessly from any chosen location
while simultaneously reducing operational costs for companies traditionally tied to physical office
spaces. Personally, struggling with anxiety issues, the prospect of working within my own space, freed
from the constraints of a crowded office, seemed like a promising solution. However, despite these
apparent benefits, the shift to remote work encountered resistance from many well-established
companies that perceived it as a withdrawal from the conventional work model. Nonetheless, the
forceful impact of the COVID-19 pandemic pushed even the most unwilling organizations to adopt
remote work, thereby introducing unforeseen challenges, particularly in the realm of cybersecurity.
The sudden transition to remote work, while encouraging flexibility and a desirable work-life balance,
concurrently expanded the scope of cybersecurity threats. This shift expanded the battleground that
companies needed to protect, encompassing an increased number of devices, networks, and software.
The cybersecurity landscape, already under strain, faced a surge in cyberattacks and data breaches
consequently (Škiljić, Alina, 2020). Lallie et al. (2021) highlight the alarming increase in cybercriminals
exploiting vulnerabilities introduced by remote work. This is a pressing concern, especially given that
many companies were already strained in terms of security measures. The very tools designed to
facilitate remote collaboration, such as virtual private networks (VPNs) and video conferencing
platforms, became potential targets for malicious activities.
Wang et al. (2021) provide additional insights into the multifaceted benefits of remote work, including
heightened job satisfaction and organizational commitment. However, these authors also acknowledge
the elevated risks associated with this transition. The COVID-19 pandemic acted as a catalyst, propelling
organizations into a remote work environment without adequate preparation, leaving them susceptible
to cyber threats. Felstead and Henseke (2017) and Bloom et al. (2015) offer supplementary support for
the positive aspects of remote work, emphasizing its potential to enhance the overall well-being of
employees. Nevertheless, as remote work became the norm rather than the exception, unanticipated
challenges emerged, demanding a comprehensive investigation into the cybersecurity implications.
2 | P a g e
The severity of cyberattacks in the context of remote work has become a pressing concern in recent
years, transcending mere financial losses. Substantial economic impacts have been reported, with
businesses suffering from the fallout of data breaches and ransomware attacks. Reports indicate that
approximately 83% of organizations experienced more than one data breach in 2023, and ransomware
attacks surged by 13%, equivalent to the cumulative rise over the last five years (Ponemon Institute, IBM
Security, 2023; DBIR Report, 2022). Personal data breaches and privacy violations have also escalated
during the pandemic, emphasizing the importance of privacy protection measures. The psychological
impact of cyberattacks cannot be underestimated. The fear of cyberattacks can lead to anxiety and stress
among individuals, further highlighting the need for robust cybersecurity strategies. From a moral and
ethical perspective, cyberattacks are widely regarded as immoral actions, placing a moral imperative on
organizations to protect the data of their employees and customers.
As I go through all this information, I'm not just trying to figure out why companies get cyberattacked,
but also how much it's gone up because of COVID-19. I want to mix what I'm learning from research with
what I think about it to understand better. I'm not an expert, but I'm hoping this helps see the whole
picture and maybe find ways to deal with it in our work lives. I'm doing this because I want to know more
about how things have changed since the pandemic and how we can be better prepared for what might
come. It's kind of like building a roadmap for how companies can stay strong in the way we work now.
I'm hoping that by looking at all this, we can find smart ways to deal with the challenges and make
working from home safer and more secure for everyone.
Method
The landscape of work underwent a drastic transformation with the onset of the COVID-19 pandemic,
compelling businesses to rapidly embrace remote work for the sake of continuity and employee safety.
While this shift offered newfound flexibility, it also introduced a host of cybersecurity challenges that
demand careful consideration. The purpose of this study is to delve into the factors contributing to the
escalating cyber threats and data breaches in the post-COVID-19 era, with a particular emphasis on the
hypothesis that the hasty adoption of remote work has left numerous companies and employees ill-
equipped to protect their critical data.
In conducting this research, a comprehensive literature review was undertaken to gain insights into the
evolving cybersecurity landscape amid the widespread shift to remote work. The abrupt nature of this
transition caught many organizations off guard, leading to unforeseen challenges, the most pressing of
which is the heightened susceptibility to cyberattacks. By exploring various reports and surveys, we
aimed to discern the key drivers behind the surge in cyber threats and data leaks, shedding light on the
vulnerabilities that cybercriminals exploit in this new work paradigm.
3 | P a g e
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
The COVID-19 pandemic ushered in an era where remote work became the norm rather than the
exception, prompting organizations to reassess their cybersecurity measures. Our focus lies in
understanding the aftermath of this seismic shift, specifically how companies and their employees
grappled with the unanticipated consequences of remote work on data security. Through the analysis of
surveys and reports, we aim to uncover the extent of the unpreparedness that characterized this
transition, offering valuable insights into the gaps that cybercriminals exploit and the urgent need for
enhanced cybersecurity measures in the evolving work landscape.
This study relies on a literature review, drawing on a diverse range of reports and survey data to form a
comprehensive understanding of the challenges posed by the sudden surge in remote work. By
triangulating findings from various sources, we aim to provide a nuanced perspective on the
cybersecurity landscape, facilitating a more informed discussion on the measures necessary to safeguard
critical data in the post-COVID-19 era. Through this research, I hope to contribute to a body of
knowledge that aids organizations in fortifying their cybersecurity defenses against the ever-evolving
threats in an increasingly remote-centric work environment.
Verizon’s 2023 Data Breach Investigations Report (DBIR)
Verizon released its 2023 Data Breach Investigations Report (DBIR) in October 2023. Verizon's 2023 Data
Breach Investigations Report (DBIR) is a significant source of insight into the evolving cybersecurity
landscape. The report's analysis of 16,312 security incidents, with 5,199 confirmed breaches, highlights
some compelling trends. Remarkably, 83% of these breaches involved external actors, many of whom
were financially motivated. The reliance on stolen credentials was particularly concerning, accounting for
74% of breaches, underlining the vulnerability of remote work setups. Industries such as healthcare,
finance, business, and retail emerged as primary targets, with significant impacts on millions of
individuals. Moreover, the sophistication of cybercriminals is on the rise, with tactics like social
engineering and machine learning malware becoming increasingly prevalent. Remote work has exposed
new vulnerabilities, with employees accessing sensitive data through potentially less secure home
networks. The report also quantifies the average cost of a data breach resulting from remote work at
$137,000, emphasizing the need for proactive cybersecurity measures and well-defined policies.
Tessian’s “State of Email Security Report 2022”
Tessian's "State of Email Security Report 2022" provides valuable insights into the persistent risks
associated with email as an attack vector. The report highlights that email remains a primary target for
threat actors seeking access to corporate networks and data. The volume of emails continues to grow,
making it an attractive target. Approximately 30% of organizations experienced over 30 successful
4 | P a g e
phishing attacks in 2022, resulting in data breaches, financial losses, ransomware infections, and account
compromises. Advanced email attacks, particularly impersonation attacks, have proven to be successful,
with 71% of security leaders reporting account compromises. Furthermore, the report indicates that
advanced threats often bypass traditional email defenses, reaching inboxes. This suggests that
businesses are struggling to keep up with evolving threats, emphasizing the importance of advanced
email security solutions, including AI/ML-based approaches, to reduce risk.
Deloitte Report: Impact of COVID-19 on Cybersecurity
Deloitte's reports shed light on the impact of COVID-19 on cybersecurity, providing a broader perspective
on the challenges that companies have faced during the pandemic. Notably, the average cost of a data
breach resulting from remote work was quantified at $137,000. On a more granular level, the City of
London Police reported that since January 2020, more than GBP 11 million had been lost due to COVID-
19-related scams. Switzerland, meanwhile, experienced one in seven respondents to a survey falling
victim to cyberattacks during the pandemic, with inadequate technological infrastructure and insufficient
cyber and data security identified as the primary reasons behind the increased cybercrime risk.
Moreover, employees have noted a surge in fraudulent emails, phishing attempts, and spam in their
corporate email accounts. The reports also reveal that while 81% of respondents reported being able to
work efficiently from home, the remaining 19% perceived that new IT security measures and rules were
hampering their productivity. The healthcare, finance, business, and retail sectors continued to be prime
targets, impacting millions of individuals annually. Overall, the reports suggest that cybersecurity
incidents have increased in the context of remote work, with some companies even experiencing double
the number of incidents. It is evident that cybercriminals have capitalized on social vulnerabilities,
exploiting the unique circumstances of the COVID-19 pandemic.
Discussion
Organizations, as key players in the remote work landscape, must play an active role in fortifying security.
This involves the implementation of robust security policies specifically tailored for remote work
scenarios. Measures such as the use of Virtual Private Networks (VPNs), encryption, regular software
updates, and the development of incident response plans are pivotal components of such policies. This
organizational commitment to security is integral to creating a resilient and secure remote work
environment.
Furthermore, a collaborative effort between organizations and government agencies is imperative. This
collaboration should extend to fostering research and innovation in the field of cybersecurity. By
promoting academic collaboration with the industry to address emerging threats, a dynamic and
adaptive cybersecurity framework can be developed. This collaborative strategy ensures that the
response to evolving cyber threats is not only swift but also informed by the latest developments in the
field.
5 | P a g e
In conclusion, the proposed comprehensive strategy aims to create a secure and sustainable digital
environment in the evolving landscape of remote work and cybersecurity. By integrating awareness,
organizational commitment, and collaborative efforts, this approach seeks to establish resilience and
adaptability in the face of unforeseen challenges. It opens the floor for discussion on how best to
collectively tackle the pressing issue of increased cyber threats in the realm of remote work, emphasizing
the shared responsibility of individuals, organizations, and governments in building a secure digital
future.
6 | P a g e
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
References page
Pratt, M. K. (2022, August 31). Remote work cybersecurity: 12 risks and how to prevent them
.
Security. https://www.techtarget.com/searchsecurity/tip/Remote-work-cybersecurity-12-
risks-and-how-to-prevent-them
Verizon 2023 DBIR: What’s new this year and top takeaways for SMBS
. Verizon 2023 DBIR:
what’s new this year and top takeaways for SMBs. (n.d.).
https://www.welivesecurity.com/2023/07/03/verizon-2023-dbir-whats-new-top-takeaways-
smbs/
What impact has covid-19 had on the Data Breach Landscape?
Verizon. (2020, September 29).
https://www.verizon.com/about/news/covid-19-data-breach-landscape
Tessian research. Tessian’s “State of Email Security Report 2022.”
(2022, September 12).
Boston.
Florian Widmer Partner. (2021, April 23). Covid-19 and working from home: Balancing Cyber Security and
productivity
. Deloitte Switzerland. https://www2.deloitte.com/ch/en/pages/risk/articles/covid-19-home-
office-cyber-security.html
Wang, B., Liu, Y., Qian, J., & Parker, S. K. (2021). Achieving Effective Remote Working
During the COVID-19 Pandemic: A Work Design Perspective.
Applied psychology =
Psychologie appliquee
,
70
(1), 16–59. https://doi.org/10.1111/apps.12290
Felstead, A., & Henseke, G. (2017). Assessing the growth of remote working and its consequences for
effort, well
being, and work
life balance.
‐
‐
New Technology, Work and Employment, 32(3), 195-212.
Bloom, N., Liang, J., Roberts, J., & Ying, Z. J. (2015). Does working from homework? Evidence from a
Chinese experiment. The Quarterly journal of economics, 130(1), 165-218.
7 | P a g e
Nwankpa, J. K., & Datta, P. M. (2023). Remote vigilance: The roles of Cyber Awareness and cybersecurity
policies among remote workers. Remote Vigilance: The Roles of Cyber Awareness and Cybersecurity
Policies among Remote Workers, 130, 103266. https://doi.org/10.1016/j.cose.2023.103266
Škiljić, A. (2020). Cybersecurity and remote working: Croatia’s (non-)response to increased cyber
threats. International Cybersecurity Law Review: Zeitschrift Für Cybersicherheit Und Recht, 1(1–2), 51–
61. https://doi-org.umasslowell.idm.oclc.org/10.1365/s43439-020-00014-3
(ISC)2. (2020, April 28). (ISC)2 Survey finds cybersecurity professionals being repurposed during COVID-
19 pandemic. PR Newswire: press release distribution, targeting, monitoring, and marketing.
https://www.prnewswire.com/news-releases/isc-survey-finds-cybersecurity-professionals-being-
repurposed-during-covid-19-pandemic-301048308.html
DBIR report 2023 - summary of findings. Verizon Business. (n.d.).
https://www.verizon.com/business/resources/reports/dbir/2023/summary-of-findings/
Lallie, H. S., Shepherd, L. A., Nurse, J. R. C., Erola, A., Epiphaniou, G., Maple, C., & Xavier.
(2021, March 3). Cyber security in the age of covid-19: A timeline and analysis of cyber-
crime and cyber-attacks during the pandemic
. Computers & Security.
https://www.sciencedirect.com/science/article/pii/S0167404821000729
8 | P a g e