Starting in early 2020, the world faced an unprecedented global health crisis that disrupted industries and impacted lives worldwide [1]. To control the spread of the crisis and "flatten the curve," organizations and businesses swiftly shifted to remote work, making it the new norm virtually overnight. This sudden reliance on technology for business continuity and remote interaction highlighted the crucial role of connectivity in maintaining operations. However, this shift also brought inherent security challenges as employees started conducting business outside traditional office environments and on potentially untrusted devices. With only a fraction of businesses having a cybersecurity policy in place [2], the increased risk of cyberattacks during this period was significant [3].
The shift to remote work, commonly known as "working from home" (WFH), posed a new challenge for IT security professionals [4]. Examining data breach trends before and during the global pandemic can provide insights to understand this new challenge and better prepare our cyber security practices/responses based on these data-driven policies. Such an approach can also ensure resilience across multiple platforms in the face of evolving cybersecurity threats. Thus, closely examining data breach information, patterns, and commonalities can benefit organizations and their users, enabling improved preparedness for potential future incidents.
Given this context, this study aims to bridge the knowledge gap and provide a broader understanding of the impact of data breaches in a four-year period. The World Health Organization (WHO) declared the coronavirus outbreak a pandemic on March 11, 2020. Soon after the declaration, organizations from all over the world began switching to remote work. We used the beginning of April 2020 as the milestone for remote work. We collected the data two years before and two years after that milestone. We compared the two time periods to understand how switching to remote work impacted data breach trends. The insights gained will contribute to a better understanding of best practices and strategies to enhance cybersecurity preparedness. As such, the findings of this study will be valuable in shaping policies, procedures, and network controls for IT security professionals in the event of a similar magnitude crisis in the future.
Relevant Studies
The rapid adoption of remote work in response to the COVID-19 pandemic has significantly changed how organizations operate. While remote work offers numerous benefits, such as increased flexibility and productivity, it also introduces new challenges, particularly in terms of maintaining information security and protecting against data breaches. Many scholars also studied the adverse effects of remote work during COVID-19. Therefore, we first conducted a brief literature review to provide an overview of relevant studies and research on the impact of remote work on cybersecurity, highlighting key findings, challenges, and best practices.
The impacts of remote work
A number of studies have investigated the impact of remote work on cybersecurity incidents. For instance, Škiljić (2020) explored cybersecurity risks associated with remote work and emphasized the importance of adapting cybersecurity controls and policies such as implementing multi-factor authentication, enhancing security in applications while avoiding insecure collaboration tools, deploying encrypted VPN solutions, conducting regular security audits, enforcing robust remote access controls, and prioritizing employee cybersecurity education to mitigate these risks [5]. By taking into account the technical side of remote work, Rakha (2023) examined the challenges associated with securing remote access to organizational resources. The author discussed the importance of implementing multi-factor authentication, virtual private networks (VPNs), and secure remote desktop protocols to establish secure connections between remote workers and the corporate network [6].
Dangheralou and Jahankhani (2022) analyzed the impact of remote work on the effectiveness of security controls. They found that certain controls, such as network perimeter defenses, might be less effective in a remote work environment. The authors suggested the adoption of cloud-based security solutions and endpoint protection tools to address these limitations[7]. On the other hand, by focusing on human error in cyber security, Sidor-Rzaqdkowska (2022) investigated the role of employee behavior in remote work. They emphasized the need for strong security awareness programs, regular training, and clear security policies to foster a culture of cybersecurity among remote workers and reduce the risk of human errors leading to data breaches [8].
Borkovich and Skovira (2020) focused on the cybersecurity challenges that arise in the context of remote work environments. They examined the unique security issues associated with remote work arrangements and offered insights into how organizations can address these challenges [9]. Their research sheds light on the evolving landscape of cybersecurity in the remote work setting. Likewise, Nwankpa and Datta (2023) conducted a study that focused on the relationship between remote work and cybersecurity [10]. The research specifically examined employee awareness and practices regarding cybersecurity in the context of remote work. By evaluating employee awareness and behaviors related to cybersecurity, the study aimed to shed light on the potential vulnerabilities and risks associated with remote work and identify areas where organizations can improve employee training and awareness to enhance their cybersecurity defenses.
Ahmad (2020) emphasized the role of cybersecurity policies and practices in mitigating data breach risks by stressing the importance of developing and implementing proactive security strategies, effective computer security plans, the integration of cloud-based systems, and the use of encryption to safeguard organizational assets and resources in the face of evolving cyber threats [11]. Finally, Nafea and Almaiah (2021) comprehensive literature offers a review of the topic of security risks and countermeasures in remote work. Their study focused on understanding the security challenges associated with remote work, provided an overview of various security risks remote workers face, and explored countermeasures to mitigate these risks, offering a valuable resource for addressing security concerns in remote work environments [12].
Increased level of cyberattacks
Certain scholars examined the impact of remote work on the frequency of cyberattacks. Within this framework, Al-Qahtani and Cresci (2022) conducted a study on the impact of the COVID-19 pandemic on cyberattacks [13]. They found a significant increase in phishing attacks and social engineering scams targeting remote workers, highlighting the need for robust security awareness training and regular updates on emerging threats.
By analyzing reported incidents Jawaid (2022) explored the relationship between remote work and data breaches. Their study answers questions about whether remote work impacts data security and privacy [14]. They reported data breach incidents and provided insights into the factors contributing to these breaches in the context of remote work. Ansback and Sharton (2020) investigated the influence of remote work on insider threats. Their findings revealed that remote employees might exhibit different behavioral patterns that could increase the risk of insider attacks [15]. They emphasized the need for continuous monitoring and user behavior analytics to detect and prevent such incidents. Similarly, Homoliak et al. (2019) conducted a case study analysis to examine the relationship between remote work and insider threats. The research helps to understand specific cases about how remote work scenarios can contribute to insider threats within organizations [16]. By analyzing real-world instances, their study provides valuable insights into the challenges and security considerations associated with remote work.
The effectiveness of current security implications
Other studies also discussed the risks associated with remote work and the possible technical safeguards against them. For example, Rah (2023) examined the relationship between remote work and adopting Bring Your Own Device (BYOD) policies [17]. This study highlighted antivirus tools, mobile device management systems, virtual private networks, firewalls, secure Wi-Fi, device encryption, regular patching, and similar security controls to mitigate the potential risks associated with personal devices used for work purposes. Similarly, Sood et al. (2018) comprehensively analyzed remote desktop protocol (RDP) attacks [18]. They emphasized the significance of securing RDP connections through strong passwords, network segmentation, and two-factor authentication to prevent unauthorized access and potential data breaches. Likewise, Ramadan et al. (2021) investigated the impact of remote work on the effectiveness of intrusion detection systems (IDS). Their findings indicated the need for fine-tuning IDS algorithms and rules to account for the changes in network traffic patterns and the dynamic nature of remote work environments [19].
Larsson & Qollakaj (2023) investigated the impact of the shift to remote work and the usage of VPNs [20]. Their findings indicated that the surge in remote work has led to a rise in VPN attacks. These attacks often exploit vulnerabilities in VPN systems, so companies are advised to patch their systems. Advanced Persistent Threat (APT) groups have taken advantage of these vulnerabilities, establishing persistent and stealthy access to networks used by remote workers via VPNs. To mitigate these risks and fortify VPN systems and private networks, countermeasures like implementing enforced Multi-Factor Authentication (MFA) and adding multiple layers of defense are recommended.
Finally, Ngee(2022) conducted a comparative analysis focusing on cybersecurity measures in the remote work environment. The study compared various cybersecurity practices and measures across remote work settings to assess their effectiveness. By conducting a comparative analysis, the authors provided insights into the best practices for implementing cybersecurity measures in remote work scenarios, helping organizations enhance their security posture in this evolving work landscape [21].
Summary of the literature review
Previous research can be categorized into two primary domains: (1) security threats associated with remote employees and (2) those related to the technologies used while working remotely. In particular, the studies reviewed collectively emphasize the unique challenges faced by organizations as they transition to remote work environments and the need for robust security measures to mitigate risks. As a result, the findings indicate that remote work introduces vulnerabilities related to home networks, personal devices, and human behavior, which malicious actors often exploit through phishing attacks, social engineering scams, and insider threats. Therefore, organizations should focus on implementing strong authentication mechanisms, encryption protocols, secure remote access solutions, and robust security awareness programs to address these challenges. Additionally, measures such as network segmentation, intrusion detection systems, and monitoring user behavior can play crucial roles in maintaining information security in remote work settings.
Current Study
This study aims to investigate the impact of remote work on cybersecurity within the context of the pandemic. The sudden shift to remote work has become the new norm for many organizations and individuals. In addition, the reliance on technology and online services has increased significantly. This transition has raised concerns about potential vulnerabilities and security risks associated with remote work. The current study seeks to understand the trends in data breaches that occurred before and during the pandemic. By examining the trends and patterns in data breaches, the study aims to provide insights into best practices for cybersecurity preparedness in remote work environments. The findings of this study will contribute to the development of effective strategies and policies to mitigate cybersecurity risks and ensure the resilience of organizations in the face of future challenges.