Information Security Threats and Working from Home Culture: Taxonomy, Risk Assessment and Solutions-Reference-Cited by-同舟云学术

Information Security Threats and Working from Home Culture: Taxonomy, Risk Assessment and Solutions

Published:2023-04-15 Issue:8 Volume:23 Page:4018
ISSN:1424-8220
Container-title:Sensors
language:en
Short-container-title:Sensors

Author:

Kotak Jaidip¹^ORCID,Habler Edan¹^ORCID,Brodt Oleg¹,Shabtai Asaf¹^ORCID,Elovici Yuval¹^ORCID

Affiliation:

1. Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Be’er Sheva 8410501, Israel

Abstract

During the COVID-19 pandemic, most organizations were forced to implement a work-from-home policy, and in many cases, employees have not been expected to return to the office on a full-time basis. This sudden shift in the work culture was accompanied by an increase in the number of information security-related threats which organizations were unprepared for. The ability to effectively address these threats relies on a comprehensive threat analysis and risk assessment and the creation of relevant asset and threat taxonomies for the new work-from-home culture. In response to this need, we built the required taxonomies and performed a thorough analysis of the threats associated with this new work culture. In this paper, we present our taxonomies and the results of our analysis. We also examine the impact of each threat, indicate when it is expected to occur, describe the various prevention methods available commercially or proposed in academic research, and present specific use cases.

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry

Link

https://www.mdpi.com/1424-8220/23/8/4018/pdf

Reference76 articles.

1. (2022, June 21). Gartner Survey 2020. Available online: https://www.gartner.com/en/newsroom/press-releases/2020-07-14-gartner-survey-reveals-82-percent-of-company-leaders-plan-to-allow-employees-to-work-remotely-some-of-the-time.

2. Bitaab, M., Cho, H., Oest, A., Zhang, P., Sun, Z., Pourmohamad, R., Kim, D., Bao, T., Wang, R., and Shoshitaishvili, Y. (2020, January 16–19). Scam pandemic: How attackers exploit public fear through phishing. Proceedings of the 2020 APWG Symposium on Electronic Crime Research (eCrime), Boston, MA, USA.

3. CISA (2022, December 24). Understanding Denial-of-Service Attacks, Available online: https://www.cisa.gov/uscert/ncas/tips/ST04-015.

4. Allot (2022, December 24). Glossary of Common DDoS Attacks. Available online: https://www.allot.com/ddos-attack-glossary/.

5. Halavais, A.C. (2001). The Slashdot Effect: Analysis of a Large-Scale Public Conversation on the World Wide Web, University of Washington.

Cited by 6 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Information Security Investments: How to Prioritize?;Proceedings of the 20th Brazilian Symposium on Information Systems;2024-05-20

2. Data Security and Privacy Concerns in Drone Operations;Advances in Information Security, Privacy, and Ethics;2024-01-26

3. Future Trends and Emerging Threats in Drone Cybersecurity;Advances in Information Security, Privacy, and Ethics;2024-01-26

4. Cybersecurity Risks of Changing Workplaces: A Global Survey;2024

5. Geographic information enterprise risk management methodology taking into account multiple risk factors;Proceedings of the 2023 4th International Conference on Computer Science and Management Technology;2023-10-13