Date of Award

12-2024

Document Type

Project

Degree Name

Master of Science in Cybersecurity and Analytics

Department

College of Business and Public Administration

First Reader/Committee Chair

Canelon, Jesus

Abstract

The COVID-19 pandemic and subsequent lockdowns forced many Americans to quickly adapt to working from home, many of which had never done so in the past. In addition, organizations were forced to modify security policies and protocols to allow for remote access to sensitive information. The rapid change in security policies as well as the sudden growth of remote access during the pandemic presented a broader landscape for cyber criminals to attack. In this report, we review the number and type of cyberattacks reported from two (2) years before the pandemic through two (2) years after (1998 through 2023), to analyze the effect lockdowns hand on cybersecurity in the United States. The research questions to be addressed are: (Q1) How did the sudden shift to telework impact the frequency and type of cybersecurity attacks, based on reported incidents year over year? (Q2) What strategies did organizations use to combat the increase in cybersecurity attacks and ensure data security during remote work? (Q3) Based on the outcomes reported and available theories, what policies or strategies can be implemented to continue secure remote work in the future?

A correlation analysis was conducted using the number of attacks reported and the year to find patterns that would confirm or reject the theory that cybersecurity strategies implemented during COVID-19 lockdowns support the ability of Americans to continue remote work securely. After analyzing the data, we were able to provide responses to the research questions as follows: (Q1) While the number of data compromises reported shows a non-liner upward trend, the number of individuals affected decreased during the pandemic and saw a small increase as remote employees returned to the office. (Q2) While mitigation strategies can be many, based on the type of attack being prevented, some of the most notable and successful were the increase in security training for staff, automating security features such as filtering phishing emails and unusual access notifications, and increasing response time in addressing potential security breaches. (Q3) Staff can both be the weakest link and the strongest defense against cybersecurity attacks. To secure staff awareness and cooperation with security policies, organizations must provide an interactive training environment using language and examples easily understood by non-technical staff as well as foster a strong security culture where staff are aware of and feel comfortable reporting unusual incidents regularly. Ensuring staff cooperation with preventative security policies is essential for maintaining the security of remote work.

Download

Share

COinS