Cybersecurity in Remote Work and Working from Home

The Project

The COVID-19 pandemic was associated with major changes in working practices that have continued beyond the height of the pandemic. However, questions remain about the scale of these changes, how they have evolved over time, and what impacts they might have had on the workplace. The Global Cybersecurity Capacity Centre (GCSCC) is interested in understanding the particular implications of changes in working practices for cybersecurity.

Early Exploratory Research

The first approach to the problem gathered information on how cybersecurity has enabled working from home during the pandemic. This preliminary work was based on in-depth interviews with IT and security experts in organisations. In some organisations, the sudden swift to working from home during the COVID-19 pandemic was linked to a rise in cybersecurity issues and vulnerabilities, although cybersecurity measures taken prior the pandemic enabled the scale of such swift.  

• Article: 'An Exploratory Study of Cybersecurity in Working from Home: Problem or Enabler?'

Survey Research: Phase I

In order to build on this exploratory research, we conducted a global survey on cybersecurity across workplaces. In collaboration with an innovative tech-enabled survey firm, GrapeData, we launched a global online survey in summer 2022. We asked respondents about their workplaces and cybersecurity issues prior to the COVID-19 pandemic, during the pandemic, and currently. The survey was fielded from mid-June to early September 2022, yielding responses to the survey from 7,330 internet users across 133 countries. We are developing a set of analytical studies using the results of this survey to explore the factors shaping different patterns of working from various locations and their impact on cybersecurity problems. The findings reinforce the earlier set of qualitative interviews that suggested cybersecurity raises questions about WFH, but is also enabling this shift. The results are described in a set of blogs and papers listed below.

• An overview of the findings: ‘Cybersecurity Implications of Changing Patterns of Office, Home, and Hybrid Work: An Exploratory Global Survey.’ 
• Supplementary Materials: 'Robustness checks of the findings'; 'Complete phase I survey questionnaire'
• Blogs: 'Cybersecurity and Changing Workplaces'; 'Changing Workplaces: Implications for Cybersecurity'; 'Helping Oxford's GCSCC Conduct a Survey on Cybersecurity across Workplaces'; 'Stay-at-Home Workers'; 'The Attraction of Working from Home'

Survey Research: Phase II

We are currently developing ideas on a follow-up survey, in collaboration with GrapeData.

References

Bispham, M., Creese, S., Dutton, W. H., Esteve-González, P., and Goldsmith, M. (2022). An Exploratory Study of Cybersecurity in Working from Home: Problem or Enabler? Journal of Information and Policy, 12: 353-386. https://doi.org/10.5325/jinfopoli.12.2022.0010

Esteve-González, P., Dutton, W. H., Creese, S., and Agrafiotis, I. (2023). ‘Cybersecurity Implications of Changing Patterns of Office, Home, and Hybrid Work: An Exploratory Global Survey.’ http://dx.doi.org/10.2139/ssrn.4322366