A study of information security awareness on teleworking security risks and recommendations since Covid19 pandemic

Galajda, Lukas

January 2023

This study is looking at “the changed” world for employees that were lucky and could continue their work from places other than the office since the Covid-19 pandemic outbreak using teleworking tools. Their numbers grew exponentially and while they still had to perform their duties as usual, they could not rely on the security infrastructure built at the office. The attackers saw this immediately and took the opportunity to unleash various techniques with malicious intent. Now the time is right to find out whether the coronavirus pandemic did at least some good and to what extent the remote workers are aware of information security guidelines. This quantitative study begins with the formation of the research question and first thoughts about the research model. Then the search thru the literature thoroughly finds mostly used attacks as well as the best way how to protect against them and the review of theory builds a research model that fits the aim of the study. Thru a quantitative online survey via snowballing method answers from users from all over the world are collected and analyzed and the hypotheses drawn from the model are verified. Lastly, results are discussed, and a conclusion is provided. The study findings are that the teleworkers are quite highly aware of information security awareness or ISA, thanks to sufficient knowledge and attitude towards information security, and in turn, this awareness leads to correct behavior in information security. More specifically, knowledge is more strongly associated with ISA of telework risks than recommendations, attitude, on the other hand, is more strongly related to telework recommendations than the risks, also ISA of telework risks has a greater influence on behavior than ISA of telework recommendations. The contribution of this study is the revelation that the impact of telework and the coronavirus pandemic did not change the course of information security awareness perception in comparison to pre-pandemic studies. Also, thanks to the subcategorization of ISA to risks and recommendations it was revealed that awareness of teleworking risk is quite higher than awareness of recommendations after the Covid-19 period.

information security awareness

teleworking

security risks

security recommendations

Information Systems

Internet of Things based Smart Homes : Security Risk Assessment and Recommendations

Ali, Bako

January 2016

The Internet of Things (IoT) is an emerging paradigm focusing on the inter-connection of things or devices to each other and to the users. Over time, the most of connections in IoT are shifting from ‘Human to Thing’ to ‘Thing to Thing’. This technology is anticipated to become an essential milestone in the development of smart homes to bring convenience and efficiency into our lives and our homes. But, by bringing this IoT technology into our homes there will be important implications for security in these technologies. Connecting every smart objects inside the home to the internet and to each other results in new security and privacy problems, e.g., confidentiality, authenticity, and integrity of data sensed and exchanged by objects. These technologies are very much vulnerable to different security attacks that make an IoT-based smart home unsecure to live in and therefore it is necessary to evaluate the security risks to judge the situation of the smart homes. For any technology to be successful and achieve widespread use, it needs to gain the trust of users by providing sufficient security and privacy assurance. As in all sectors, maintaining security will be a critical challenge to overcome. As homes are increasingly computerized and filled with devices, potential computer security attacks and their impact on residents need to be investigated. This report uses OCTAVE Allegro Methodology which focuses mainly on information assets and considers containers (technical, physical and people) and conducts a security risk assessment with the goal of highlighting various security flaws in IoT-based smart home, impacts and proposing countermeasures to the identified issues satisfying most of security requirements. Finally, it comes up with some recommendations to the users. The research findings documented into a thesis paper for secure IoT-based smart home systems and the resulted list and recommendations will be some useful contribution which can be used as a foundation for the specification of security requirements. For future work, the assessment will be extended to include more types of smart home applications rather than just typical one. / <p>Validerat; 20160620 (global_studentproject_submitter)</p>

Social Behaviour Law

Internet of Things

Smart Homes

Intelligent Homes

Building Automation

Smart Buildings

Security Risk Assessment

Security Recommendations

Security Threats

Security Countermeasures

Samhälls-

beteendevetenskap

juridik