Cyber Security of Multi-Locational Work in Modern Organisation
Liukkonen, Mika (2022)
2022
Master's Programme in Human-Technology Interaction
Informaatioteknologian ja viestinnän tiedekunta - Faculty of Information Technology and Communication Sciences
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Hyväksymispäivämäärä
2022-06-07
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:tuni-202204273983
https://urn.fi/URN:NBN:fi:tuni-202204273983
Tiivistelmä
Multi-locational work has become an integral part of working life in recent decades, and during the Covid-19 pandemic, it has continued to increase. The probability of certain cyber security risks has increased with this change.
Based on the literature, this thesis presents the key cyber security risks in multi-locational work. The risks were categorized in four levels according to who is primarily responsible of the risk. The categories being primarily employee’s responsibility, shared responsibility between the employee and the organisation, primarily organisation’s responsibility and abstract responsibility. The risk analysis matrix was chosen to illustrate the level of risk as it considers both severity and probability of the risks.
The empirical part of the study was conducted as a case study focusing on cyber security in a modern Finnish organisation, and both interview and questionnaire were used. Risk analysis matrix was then used to identify the level of risk in the organisation. Based on the risk analysis, priority proposals for action were targeted at those risks that are intolerable or significant.
The risk assessment matrix was found to be a practical tool for assessing a company's cyber security risk. Once the level of risk has been identified, measures can be taken in the most appropriate way for the company, prioritizing the risks requiring immediate action or other necessary measures.
Based on the literature, this thesis presents the key cyber security risks in multi-locational work. The risks were categorized in four levels according to who is primarily responsible of the risk. The categories being primarily employee’s responsibility, shared responsibility between the employee and the organisation, primarily organisation’s responsibility and abstract responsibility. The risk analysis matrix was chosen to illustrate the level of risk as it considers both severity and probability of the risks.
The empirical part of the study was conducted as a case study focusing on cyber security in a modern Finnish organisation, and both interview and questionnaire were used. Risk analysis matrix was then used to identify the level of risk in the organisation. Based on the risk analysis, priority proposals for action were targeted at those risks that are intolerable or significant.
The risk assessment matrix was found to be a practical tool for assessing a company's cyber security risk. Once the level of risk has been identified, measures can be taken in the most appropriate way for the company, prioritizing the risks requiring immediate action or other necessary measures.