RAPID: Exploring the Cyber Behaviors of Temporary Work-From-Home (TWFH) Employees

RAPID：探索临时在家工作 (TWFH) 员工的网络行为

• 批准号: 2030845
• 负责人: Michael Posey
• 金额: $ 17.02万
• 依托单位: The University of Central Florida Board of Trustees
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-06-01 至 2021-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2030845&HistoricalAwards=false
• 关键词: RAPID; Exploring; Cyber; Behaviors; Temporary

Responses to the novel coronavirus 2019 (COVID-19) have led to a substantial number of employees working from home in an ad-hoc emergency fashion. This project examines the ramifications of temporary work-from-home environments for organizational cybersecurity. The project team is assessing organizational methods used to help secure temporary remote locations, examining the new workplace characteristics that employees encounter, and determining whether and how these factors influence the security of sensitive organizational data, information, and digital systems. Project findings will allow the research team to develop actionable recommendations to organizational leaders who rely on temporary, remote work locations for their employees in times of substantial uncertainty. This project will help guide the design and implementation of organizational cybersecurity policies, procedures, and other efforts relied upon during significant future crises—times when cybersecurity threats tend to be elevated and employees dispersed throughout numerous locations.The research team is using a mixed methods approach to evaluate possible responses by employees to the unexpected work conditions surrounding the COVID-19 pandemic. These employees might exhibit increased resilience to cybersecurity risks due to the cooperative motivations that often follow disasters. On the other hand, stressors associated with working at home might lead employees to pay less attention to cybersecurity demands and to engage in shortcuts and workarounds. Thus, the project investigates the extent that organizational responses to the COVID-19 pandemic and the crisis lead individuals to protect their environments and their organizations from cybersecurity threats or by contrast to engage in behavior that constitutes threats to sensitive organizational assets and practices. In-depth semi-structured interviews and experience sampling assessments are performed using several samples of employees working at home. Daily surveys will be completed by a sample of participants over a two-week period to determine fluctuations in employee attitudes, emotions, and behaviors.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

应对新型冠状病毒2019（COVID-19）导致大量员工以临时紧急方式在家工作。该项目研究了临时在家工作环境对组织网络安全的影响。项目团队正在评估用于帮助保护临时远程位置的组织方法，检查员工遇到的新工作场所特征，并确定这些因素是否以及如何影响敏感组织数据，信息和数字系统的安全性。 项目调查结果将使研究团队能够为那些在重大不确定性时期依赖临时远程工作地点的员工的组织领导者制定可操作的建议。 该项目将有助于指导设计和实施组织网络安全政策、程序和其他工作，这些工作在未来重大危机时期依赖于网络安全威胁往往会升高，员工分散在许多地方。研究团队正在使用混合方法来评估员工对COVID-19大流行周围意外工作条件的可能反应。这些员工可能会表现出对网络安全风险的更强的适应力，这是因为灾难发生后往往会产生合作的动机。另一方面，与在家工作相关的压力可能会导致员工对网络安全需求的关注减少，并采取捷径和变通办法。因此，该项目调查了组织对COVID-19大流行和危机的应对措施在多大程度上导致个人保护其环境和组织免受网络安全威胁，或者相反，参与对敏感组织资产和实践构成威胁的行为。深入的半结构化访谈和经验抽样评估进行了几个样本的员工在家工作。 该奖项反映了NSF的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Research: Why Employees Violate Cybersecurity Policies

研究：员工为何违反网络安全政策

• 发表时间: 2022
• 期刊: Harvard Business Review
• 影响因子: 14.7
• 作者: Posey, C.;Shoss, M.
• 通讯作者: Shoss, M.