Towards Assessing Organizational Cybersecurity Risks via Remote Workers’ Cyberslacking and Their Computer Security Posture

Towards Assessing Organizational Cybersecurity Risks via Remote Workers’ Cyberslacking and Their Computer Security Posture

Cyberslacking is conducted by employees who are using their companies’ equipment and network for personal purposes instead of performing their work duties during work hours. Cyberslacking has a significant adverse effect on overall employee productivity, however, recently, due to COVID19 pandemic move to remote working also pose a cybersecurity risk to organizations networks and infrastructure. In this work-in-progress research study, we are developing, validating, and will empirically test taxonomy to assess an organization’s remote workers’ risk level of cybersecurity threats. This study includes a three-phased developmental approach in developing the Remote Worker Cyberslacking Security Risk Taxonomy. With feedback from cybersecurity Subject Matter Experts (SMEs) on the taxonomy and measures, we then plan to use the taxonomy to assess organizational remote workers’ risk level of cybersecurity threats by using actual system indicators of productivity measures to estimate their cyberslacking along with assessing the computer security posture of the remote device being used to access organizational resources. Anticipated results from 125 anonymous employees will then be assessed on the proposed novel taxonomy where recommendation to the organizational cybersecurity leadership will be provided.