Understanding the Effects of Cyber Security Risks and Threats on Forced Teleworking Organizations

Sammanfattning: This study investigates the cyber security threats and risks that are associated with forced teleworking during the period of Covid-19, when organizations have been forced to telework. Three different main aspects from two theories have been crucial when investigating the threats and risks associated with forced teleworking, which are the Social, Technical and Risk Tolerance aspects. This study is of a qualitative nature, where five different interviews have been conducted to see similarities and differences between literature and practice of threats, practices, standards and frameworks used. From the three aspects, the findings show that cyber security threats and risks have increased during this time period, but nothing that could not be handled. It has been concluded that legislation and regulations needs to be highlighted when deciding certain practices to prevent risks and threats, and that employee training is the most important cyber security practice. Furthermore, new trends of social engineering have risen and the scaled up teleworking cannot be seen as a crisis from a cyber security perspective. Finally, it can also be noted that employees with more knowledge about threats, risks and practices might lead to a more risk taking behaviour which could harm teleworking organizations.