The New Reality of Knowledge Work: Impact of Flexible Work Settings on Organizational Cybersecurity
通过21位专家访谈,研究了灵活工作安排(地点、时间、设备三个维度)对组织网络安全的影响,发现僵化的安全措施会导致员工抵制等意外后果,并提出了整合技术、人力和组织因素的网络安全框架。
Abstract The rise of flexible work arrangements increases knowledge workers’ autonomy and organizations’ access to talent but exacerbates the cybersecurity threat landscape for organizations. A key tension exists between enabling work flexibility and maintaining robust cybersecurity. Despite the growing prevalence of flexible work, cybersecurity research has largely overlooked its multifaceted nature, particularly beyond the dimension of location. To explore the impact of flexible work arrangements on organizational cybersecurity, we conducted 21 expert interviews with (predominantly young) professionals and academics. Our findings highlight three key dimensions of flexible work — location, time, and device — each presenting unique cybersecurity vulnerabilities. We identify critical tensions between cybersecurity policies and work flexibility, indicating that overly rigid cybersecurity measures can lead to unintended consequences such as employee resistance and non-compliance. We propose an integrative cybersecurity framework that considers technological, human, and organizational factors in flexible work environments, facilitating the optimization of both organizational resilience and employee productivity. Our research highlights the need for adaptive cybersecurity strategies that address the realities of flexible work, enhancing both security and overall value creation. It provides a more holistic understanding of cybersecurity in modern work environments and offers practical guidance for managers.