Högskolan i Skövde

Work from Home (WFH) gained momentum as a result of the pandemic. When large portions of the world were under government mandated lockdowns, and forced to institute WFH, companies began to slowly realize that the WFH model come with significant benefits such as the possibility to reduce office space or obtaining access to talent globally. Employees too are incentivized to WFH as it allows them more freedom in where to live, reduce commuting costs, and allow employees to space out work during the day and better manage energy levels. The thesis investigated cybersecurity and information security risks connected to the WFH model through collecting qualitative data by conducting a systematic literature review to gain background knowledge on the topic which was then used to create the interview guide that was used to carry out semi-structured interviews with four heterogeneous Swedish companies of various sizes, working in different fields. The SLR identified social engineering attacks in general, and phishing attacks in particular, to be the greatest threat to employees working in a WFH model suggesting employee security awareness training to be the key security measure in protecting the WFH model. The semi-structured interviews revealed that companies working in a WFH model have also drawn the same conclusion and have made significant efforts to raise security awareness through employee training programs.