A Census of Swedish Government Administrative Authority Employee Communications on Cybersecurity during the COVID-19 Pandemic

Cybersecurity is the backbone of a successful digitalization of society, and cyber situation awareness is an essential aspect of managing it. The COVID-19 pandemic has sped up an already ongoing digitalization of Swedish government agencies, but the cybersecurity maturity level varies across agencies. In this study, we conduct a census of Swedish government administrative authority communications on cybersecurity to employees at the beginning of the COVID-19 pandemic. The census shows that the employee communications in the beginning of the pandemic to a greater extent have focused on first-order risks, such as video meetings and telecommuting, rather than on second-order risks, such as invoice fraud or social engineering. We also find that almost two thirds of the administrative authorities have not yet implemented, but only initiated or documented, their cybersecurity policies.

[1]  Carsten Maple,et al.  Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic , 2020, Computers & Security.

[2]  Ashraf Darwish,et al.  Cyber Security in the Age of COVID-19 , 2021, Digital Transformation and Emerging Technologies for Fighting COVID-19 Pandemic.

[3]  Rennie Naidoo,et al.  A multi-level influence model of COVID-19 themed cybercrime , 2020, Eur. J. Inf. Syst..

[4]  Tabrez Ahmad,et al.  Corona Virus (COVID-19) Pandemic and Work from Home: Challenges of Cybercrimes and Cybersecurity , 2020, SSRN Electronic Journal.

[5]  Arnold Mashud Abukari Some Cyber Security Hygienic Protocols For Teleworkers In Covid-19 Pandemic Period And Beyond , 2020 .

[6]  Markus Borg,et al.  Digitalization of Swedish Government Agencies - A Perspective Through the Lens of a Software Development Census , 2018, 2018 IEEE/ACM 40th International Conference on Software Engineering: Software Engineering in Society (ICSE-SEIS).

[7]  Yada Zhu,et al.  Social Phishing , 2018, Encyclopedia of Social Network Analysis and Mining. 2nd Ed..

[8]  Edgar R. Weippl,et al.  Advanced social engineering attacks , 2015, J. Inf. Secur. Appl..

[9]  Xiaohua Jia,et al.  Secure the Internet, One Home at a Time , 2014, 2015 IEEE Global Communications Conference (GLOBECOM).

[10]  Ulrik Franke,et al.  Cyber situational awareness - A systematic review of the literature , 2014, Comput. Secur..

[11]  Henrik Artman,et al.  The security awareness paradox: A case study , 2014, 2014 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2014).

[12]  Te-Shun Chou,et al.  SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES , 2013 .

[13]  Lori M. Kaufman Data Security in the World of Cloud Computing , 2009, IEEE Security and Privacy.

[14]  Mica R. Endsley,et al.  Toward a Theory of Situation Awareness in Dynamic Systems , 1995, Hum. Factors.

[15]  Mica R. Endsley,et al.  Situation awareness global assessment technique (SAGAT) , 1988, Proceedings of the IEEE 1988 National Aerospace and Electronics Conference.