Mitigating Cybersecurity Risks Through User Training

Week 14 Blog Post, , , ,

Hypothesis: The increased cybersecurity risks of remote workers can be mitigated by informing remote workers about cybersecurity risks through user training.

madartzgraphics / Pixabay

Introduction
Since numerous organizations adapted to the pandemic by instituting telecommuting, there has been a corresponding rise in cybersecurity risks among remote workers. It has been commonly reported that remote workers have pushed back against security policies, and IT departments have experienced resistance in their attempts to institute necessary security policies.

I want to determine if an educational initiative would be an effective way to improve security and reduce pushback against appropriate security policies. I would like to know the following:

Literature Review

I will show common security risks and security incidents among remote workers culled from IT and cybersecurity analyses. I will show statistics of cybersecurity attacks gathered from published research and articles, as well as the best methods of counteracting those attacks.

Methods/Methodology
I will collect statistics from the IT department of a company on the average number of cybersecurity incidents among employees pre-pandemic while they worked in the office and compare them to post-pandemic while they worked remotely. (The population will be all remote employees who formerly worked in the office.)

The population will be randomly divided in half. One half of the employees will be brought into a brief company educational course on the basics of cyberattacks and taught fundamental personal cybersecurity best practices.

After completion of their user education course, all workers will be monitored after one month of work. We will then perform a security analysis to see if the group given the cybersecurity training had a lower incident of security incidents over the previous month when compared to the group that was not given education in cyberattacks.

I will conduct the study in this way so we can demonstrate if there is a definitely benefit to education and training for remote workers, and if so, how much benefit results from that training in terms of less security incidents. Additionally, we will interview IT staff to see if there has been less pushback against security policies among the educated remote workers.

This type of study could benefit an entire company by improving the daily tasks of the IT staff, helpful the company overall experience less security vulnerabilities from remote workers, and help remote workers become less frustrated with IT security policies by helping them to understand why those policies are enacted.

About Shawn

I'm a junior majoring in Informatics with a focus on Cybersecurity. I live in Huntsville, Alabama - also known as "Rocket City". I love to kayak and take my black lab on hikes.

Leave a Reply

Your email address will not be published. Required fields are marked *