Just another Society for Advancement of Management Chapter Sites site
SAM ADVANCED MANAGEMENT JOURNAL
Cyber Security and Hybrid Work Environments
P.V. Rajkumar, Kamala Raghavan, and Mayur Desai
DOI:
Citation: Rajkumar, P.V., Raghavan, K. & Desai, M. (2023). Cyber security and hybrid work environments. SAM Advanced Management Journal, 88(3),44-55.
Abstract
Remote work/ Work from home (WFH)/ Hybrid work started in 2020 due to Covid-19 pandemic and has shown a positive impact on employee productivity. It is now the preferred choice of many employees due to work life balance. The WFH “hybrid” model where activities can be performed both remotely and in the office is expected to continue but have major implications for security issues. The increased cybersecurity risk due to “data” being handled by the employees in their home computers and mobile devices where the security measures can be compromised by malicious hackers is being felt across all industries. This paper reviews the impact of new norm of remote and hybrid work on existing cybersecurity structure of organizations and proposes a framework with steps to reduce cybersecurity risks.
References
Accenture, Inc. (2020). Third annual state of cyber resilience report. New York: Accenture, Inc.
Aslan, Ö., Aktuğ, S. S., Ozkan-Okay, M., Yilmaz, A. A., & Akin, E. (2023). A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), 1333. https://doi.org/10.3390/electronics12061333
Awaludin, A., Sulistyadi, W., & Chandra, A. F. (2023). Analysis of attacks and cybersecurity in the health sector during a pandemic COVID-19: Scoping review. Journal of Social Science, 4(1), 62–70. https://doi.org/10.46799/jss.v4i1.512
Esteve-González, P., Dutton, W. H., Creese, S., & Agrafiotis, I. (2023). Cybersecurity implications of changing patterns of office, home, and hybrid work: An exploratory global survey. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.4322366
Franceschi-Bicchierai, L. (2023). Hackers steal Activision games and employee data. Retrieved from TechCrunch website: https://techcrunch.com/2023/02/21/hackers-allegedly-steal-activision-games-and-employee-data/
Gartner. (2019). Cybersecurity research. Retrieved from Gartner website: https://www.gartner.com/en/information-technology/insights/cybersecurity
Glover, C. (2023). British Airways, BBC and boots all hit in Zellis cyberattack exploiting MOVEit vulnerability. Retrieved from Tech Monitor website: https://techmonitor.ai/technology/cybersecurity/zellis-cyberattack-british-airways-boots-bbc
Gunaratna, S. (2016). LinkedIn: 2012 data breach much worse than we thought. Retrieved from www.cbsnews.com website: https://www.cbsnews.com/news/linkedin-2012-data-breach-hack-much-worse-than-we-thought-passwords-emails/
Holmes, A. (2021). 533 million Facebook users’ phone numbers and personal data have been leaked online. Retrieved from Business Insider website: https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4
Kapko, M. (2022). How attackers are breaking into organizations. Retrieved from Cybersecurity Dive website: https://www.cybersecuritydive.com/news/how-attackers-break-organizations/629686/
Kassner, M. (2015). Anatomy of the Target data breach: Missed opportunities and lessons learned. Retrieved from ZDNet website: https://www.zdnet.com/article/anatomy-of-the-target-data-breach-missed-opportunities-and-lessons-learned/
King, R. (2013). Adobe hacked, 3 million accounts compromised. Retrieved from CNET website: https://www.cnet.com/News/Privacy/Adobe-Hacked-3-Million-Accounts-Compromised/
Koerner, B. (2016). Inside the Cyberattack That Shocked the US Government. Retrieved from WIRED website: https://www.wired.com/2016/10/inside-cyberattack-shocked-us-government/
Krebs, B. (2013). Adobe breach impacted at least 38 million users: Krebs on security. Retrieved from Krebs on Security website: https://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/
Leonhardt, M. (2019). Equifax to pay $700 million for massive data breach. Here’s what you need to know about getting a cut. Retrieved from CNBC website: https://www.cnbc.com/2019/07/22/what-you-need-to-know-equifax-data-breach-700-million-settlement.html
Naraine, R. (2023). T-Mobile says hackers used API to steal data on 37 million accounts. Retrieved from SecurityWeek website: https://www.securityweek.com/t-mobile-says-hackers-used-api-steal-data-37-million-accounts/
Ncubukezi, T. (2023). Risk likelihood of planned and unplanned cyber-attacks in small business sectors: A cybersecurity concern. 18th International Conference on Cyber Warfare and Security. Maryland: Towson University. Retrieved from https://papers.academic-conferences.org/index.php/iccws/article/view/1084
Perez, S. (2016). Recently confirmed Myspace hack could be the largest yet. Retrieved from TechCrunch website: https://techcrunch.com/2016/05/31/recently-confirmed-myspace-hack-could-be-the-largest-yet/
Perlroth, N. (2017). All 3 billion Yahoo accounts were affected by 2013 attack. The New York Times. Retrieved from https://www.nytimes.com/2017/10/03/technology/yahoo-hack-3-billion-users.html
Poremba, S. (2023). ChatGPT confirms data breach, raising security concerns. Retrieved from Security Intelligence website: https://securityintelligence.com/articles/chatgpt-confirms-data-breach/
Raghavan, K., Desai, M., & Rajkumar, P. V. (2017). Managing cybersecurity and e-commerce risks in small businesses. Journal of Management Science and Business Intelligence , 2(1).
Raghavan, K., Desai, M., & Rajkumar, P. V. (2020). Multi-step operations strategic framework for ransomware protection. SAM Advanced Management Journal, 85(4).
Rajkumar, P. V., & Sandhu, R. (2016). Safety decidability for pre-authorization usage control with finite attribute domains. IEEE Transactions on Dependable and Secure Computing, 13(5), 582–590. https://doi.org/10.1109/tdsc.2015.2427834
Rajkumar, P. V., & Sandhu, R. (2020). Safety decidability for pre-authorization usage control with identifier attribute domains. IEEE Transactions on Dependable and Secure Computing, 17(3), 465–478. https://doi.org/10.1109/tdsc.2018.2839745
Reuters. (2017). Target settles 2013 hacked customer data breach for $18.5 million. Retrieved from NBC Business News website: https://www.nbcnews.com/business/business-news/target-settles-2013-hacked-customer-data-breach-18-5-million-n764031
Temple-Raston, D. (2021). A “worst nightmare” cyberattack: The untold story of the solarwinds hack. Retrieved from NPR website: https://www.npr.org/2021/04/16/985439655/a-worst-nightmare-cyberattack-the-untold-story-of-the-solarwinds-hack
Todd, D. (2022, September 14). Top 10 data breaches of all time. Retrieved from Secure World website: https://www.secureworld.io/industry-news/top-10-data-breaches-of-all-time
U.S. Office of Personnel Management. (n.d.). Cybersecurity resource center. Retrieved from U.S. Office of Personnel Management website: https://www.opm.gov/about-us/our-people-organization/support-functions/chief-financial-officer/cybersecurity-resource-center/
Weise, E. (2016). 360 million Myspace accounts breached. Retrieved from USA TODAY website: https://www.usatoday.com/story/tech/2016/05/31/360-million-myspace-accounts-breached/85183200/
Whittaker, Z. (2023). Mailchimp says it was hacked — again. Retrieved from TechCrunch website: https://techcrunch.com/2023/01/18/mailchimp-hacked/
Winder, D. (2019). Unsecured Facebook databases leak data of 419 million users. Retrieved from Forbes website: https://www.forbes.com/sites/daveywinder/2019/09/05/facebook-security-snafu-exposes-419-million-user-phone-numbers/?sh=1c2b20a11ab7
Zetter, K. (2012). Hacker claims he stole 4.5M LinkedIn password hashes. Retrieved from Wired website: https://www.wired.com/2012/06/linkedin-passwords-stolen/