A study of information security awareness on teleworking security risks and recommendations since Covid19 pandemic

Abstract: This study is looking at “the changed” world for employees that were lucky and could continue their work from places other than the office since the Covid-19 pandemic outbreak using teleworking tools. Their numbers grew exponentially and while they still had to perform their duties as usual, they could not rely on the security infrastructure built at the office. The attackers saw this immediately and took the opportunity to unleash various techniques with malicious intent. Now the time is right to find out whether the coronavirus pandemic did at least some good and to what extent the remote workers are aware of information security guidelines. This quantitative study begins with the formation of the research question and first thoughts about the research model. Then the search thru the literature thoroughly finds mostly used attacks as well as the best way how to protect against them and the review of theory builds a research model that fits the aim of the study. Thru a quantitative online survey via snowballing method answers from users from all over the world are collected and analyzed and the hypotheses drawn from the model are verified. Lastly, results are discussed, and a conclusion is provided. The study findings are that the teleworkers are quite highly aware of information security awareness or ISA, thanks to sufficient knowledge and attitude towards information security, and in turn, this awareness leads to correct behavior in information security. More specifically, knowledge is more strongly associated with ISA of telework risks than recommendations, attitude, on the other hand, is more strongly related to telework recommendations than the risks, also ISA of telework risks has a greater influence on behavior than ISA of telework recommendations. The contribution of this study is the revelation that the impact of telework and the coronavirus pandemic did not change the course of information security awareness perception in comparison to pre-pandemic studies. Also, thanks to the subcategorization of ISA to risks and recommendations it was revealed that awareness of teleworking risk is quite higher than awareness of recommendations after the Covid-19 period.