A Cybersecurity Assessment of the Remote Working Environment During Covid-19. A Case Study of Financial Regulators in Kenya

Abstract

The Covid-19 pandemic abruptly transformed the way businesses and organizations operate, with governments around the world implementing measures to protect people in order to slow the spread of the virus. This included strict lockdowns and social distancing measures that caused entire workforces to adopt remote working. Organizations therefore had to devise ways support the new arrangement with no time to prepare their ICTs, put in place necessary security mechanisms and develop appropriate policies to guide accessibility of resources from remote locations. As a result of this sudden and unplanned shift to work from home and shift operations online, malicious cyberspace activities and emergent threats proliferated to exploit vulnerabilities in ICT’s. Little research exists on how pandemics such as Covid-19 present opportunities for cybercriminals to perpetrate their activities. The study aimed to investigate how different factors such as cybersecurity preparedness, cybersecurity management procedures and cybersecurity threats influenced remote. Literature revealed that there was a significant increase in cyberthreat activities such as malware, ransomware, and phishing attacks which targeted unprotected and unsuspecting victims during remote working. This research study adopted the quantitative research approach where data was collected using self-administered questionnaires where descriptive statistics and regression analysis was conducted. Based on the regression model, the findings demonstrated that where cybersecurity preparedness measures and cybersecurity management procedures were adopted, they had a significant positive effect in aiding the financial regulatory institutions to achieve secure remote working. However, with the proliferation of cybersecurity threats, and where these were encountered in some form, this impacted negatively to the remote working environment which became vulnerable. In the same way, adoption of cybersecurity frameworks led to a more secure remote working environment. This research proposed and validated a model that explains how these different aspects interplay to affect cybersecurity of the remote working environment. However, development of a model that can be used to mitigate cybersecurity risks for secure remote working is recommended during the remote working period. This study is expected to generate interest among ICT stakeholders in both public and private organizations about the emergent cybersecurity to securing their information assets and the remote worker during the Covid-19 pandemic and beyond.