{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,23]],"date-time":"2026-04-23T20:00:22Z","timestamp":1776974422637,"version":"3.51.4"},"reference-count":38,"publisher":"Oxford University Press (OUP)","issue":"1","license":[{"start":{"date-parts":[[2024,1,24]],"date-time":"2024-01-24T00:00:00Z","timestamp":1706054400000},"content-version":"vor","delay-in-days":23,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"funder":[{"DOI":"10.13039\/100015539","name":"Australian Government","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100015539","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,1,2]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>This research examined the lives of Australian employees who moved to work from home during COVID-19. Taking a unique approach to cybersecurity, we sought to gain insights into the intermingling of individuals\u2019 personal lives and technology to inform policies and educational programmes. The study employed interpretative phenomenological analysis to understand 27 participants\u2019 lived experiences under lockdown. We found that psychological (e.g. stress, anxiety, confidence, motivation) and sociological (e.g. sharing physical spaces, digital divide) factors impacted employees\u2019 likelihood and ability to engage in effective cybersecurity practices. So did new ways of using technology (e.g. teaching via Zoom), which elucidated unexpected but significant security concerns (e.g. naked children in virtual classrooms). We suggest that cyber educators and policymakers take a Vygotskian approach, which considers that social interaction is central to learning. This assumption means that personal factors must be considered instead of a \u2018one-size-fits-all approach\u2019. We argue that organizations should think about approaches that consider the employees\u2019 psychological state before training (and perhaps find ways to reduce anxiety), helping employees redesign their home workspaces to ensure privacy and concentration, and updating employees\u2019 digital devices. Practitioners and scholars can also apply these results post-COVID-19, especially if the \u2018new working normal\u2019 provides options for employees to work from home.<\/jats:p>","DOI":"10.1093\/cybsec\/tyae001","type":"journal-article","created":{"date-parts":[[2024,1,25]],"date-time":"2024-01-25T08:12:41Z","timestamp":1706170361000},"source":"Crossref","is-referenced-by-count":14,"title":["Cybersecurity when working from home during COVID-19: considering the human factors"],"prefix":"10.1093","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8143-289X","authenticated-orcid":false,"given":"Monica T","family":"Whitty","sequence":"first","affiliation":[{"name":"Monash University, Software Systems and Cybersecurity , Wellington Road, Melbourne, Victoria, 3800 ,","place":["Australia"]}]},{"given":"Nour","family":"Moustafa","sequence":"additional","affiliation":[{"name":"UNSW Canberra , Northcott Drive, Campbell, ACT 2612 ,","place":["Australia"]}]},{"given":"Marthie","family":"Grobler","sequence":"additional","affiliation":[{"name":"CSIRO\u2019s Data61 , Village St & Fishplate Ln, Docklands, VIC 3008 ,","place":["Australia"]}]}],"member":"286","published-online":{"date-parts":[[2024,1,24]]},"reference":[{"key":"2024121909124166700_bib1","volume-title":"ILO Monitor: COVID-19 and the World of Work","author":"International Labour Organization (ILO)","year":"2020","edition":"2nd edn"},{"key":"2024121909124166700_bib2","doi-asserted-by":"crossref","first-page":"113160","DOI":"10.1016\/j.dss.2019.113160","article-title":"Cyber hygiene: the concept, its measure, and its initial tests","volume":"128","author":"Vishnwanath","year":"2020","journal-title":"Decis Support Syst"},{"key":"2024121909124166700_bib3","doi-asserted-by":"crossref","first-page":"163","DOI":"10.69554\/UERV9928","article-title":"How is cyber threat evolving and what do organizations need to consider?","volume":"7","author":"Borrett","year":"2014","journal-title":"J Bus Contin Emer Plan"},{"issue":"5","key":"2024121909124166700_bib4","first-page":"1","article-title":"Developing a conceptual model for insider threat","volume":"27","author":"Whitty","year":"2018","journal-title":"J Manag Organ"},{"key":"2024121909124166700_bib5","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1093\/cybsec\/tyy006","article-title":"A taxonomy of cyber-harms: defining the impacts of cyber-attacks and understanding how they propagate","volume":"4","author":"Agrafiotis","year":"2018","journal-title":"J Cybersecur"},{"key":"2024121909124166700_bib6","doi-asserted-by":"crossref","first-page":"240","DOI":"10.1016\/j.future.2021.01.011","article-title":"DAD: a Distributed Anomaly Detection system using ensemble one-class statistical learning in edge networks","volume":"118","author":"Moustafa","year":"2021","journal-title":"Future Gener Comput Syst"},{"key":"2024121909124166700_bib7","first-page":"36","article-title":"An exploratory study of cyber hygiene behaviors and knowledge","volume":"42","author":"Cain","year":"2018","journal-title":"J Inf Secur Appl"},{"key":"2024121909124166700_bib8","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1109\/MC.2018.2888766","article-title":"Basic cyber hygiene: does it work?","volume":"52","author":"Such","year":"2019","journal-title":"Computer"},{"issue":"1","key":"2024121909124166700_bib9","first-page":"1","article-title":"Cyber security awareness, knowledge and behavior: a comparative study","volume":"26","author":"Zwilling","year":"2022","journal-title":"J Comput Inf Syst"},{"key":"2024121909124166700_bib10","doi-asserted-by":"crossref","first-page":"73","DOI":"10.3390\/fi11030073","article-title":"Reviewing cyber security social engineering training and awareness programs\u2014pitfalls and ongoing issues","volume":"11","author":"Aldawood","year":"2019","journal-title":"Future Internet"},{"key":"2024121909124166700_bib11","doi-asserted-by":"crossref","first-page":"71","DOI":"10.2478\/hjbpa-2018-0024","article-title":"Botching human factors in cybersecurity in business organizations","volume":"9","author":"Calvin","year":"2018","journal-title":"HOLISTICA\u2014J Bus Public Admin"},{"key":"2024121909124166700_bib12","doi-asserted-by":"crossref","first-page":"e247","DOI":"10.1002\/itl2.247","article-title":"COVID-19 pandemic cybersecurity issues","volume":"4","author":"Pranggono","year":"2021","journal-title":"Internet Technol Lett"},{"key":"2024121909124166700_bib13","first-page":"6","article-title":"Home working and cyber security\u2014an outbreak of unpreparedness?","volume":"8","author":"Furnell","year":"2020","journal-title":"Comput Fraud Secur"},{"key":"2024121909124166700_bib14","doi-asserted-by":"crossref","first-page":"486","DOI":"10.1057\/s41284-021-00286-2","article-title":"Working from home during COVID-19 crisis: a cyber security culture assessment survey","volume":"35","author":"Georgiadou","year":"2022","journal-title":"Secur J"},{"key":"2024121909124166700_bib15","doi-asserted-by":"crossref","first-page":"188","DOI":"10.1109\/W-FiCloud.2018.00036","article-title":"Understanding awareness of cyber security threat among IT employees","author":"AL-Mohannadi","year":"2018","journal-title":"6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Barcelona, Spain"},{"issue":"8","key":"2024121909124166700_bib16","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1016\/S1361-3723(19)30085-5","article-title":"Improving employees\u2019 cyber security awareness","volume":"2019","author":"Clutch","year":"2019","journal-title":"Comput Fraud Secur"},{"key":"2024121909124166700_bib17","first-page":"92","article-title":"Cyber security in the workplace: understanding and promoting behaviour change","volume":"1065","author":"Blythe","year":"2013","journal-title":"Proc of CHItaly 2013 Doctoral Consortium"},{"key":"2024121909124166700_bib18","first-page":"209","article-title":"Identifying and characterizing COVID-19 themed malicious domain campaigns","volume":"CODASPY '21","author":"Xia","year":"2021","journal-title":"Proc ACM Conf Data Appl Secur Priv"},{"key":"2024121909124166700_bib19","article-title":"A first look at zoombombing","author":"Ling","year":"2020"},{"issue":"3","key":"2024121909124166700_bib20","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1080\/17489725.2021.1899319","article-title":"Technological and analytical review of contact tracing apps for COVID-19 management","volume":"15","author":"Gupta","year":"2021","journal-title":"J Locat Based Serv"},{"key":"2024121909124166700_bib21","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1007\/978-3-642-39345-7_9","article-title":"Relationships between password choices, perceptions of risk and security expertise","volume-title":"Human Aspects of Information Security, Privacy and Trust","author":"Creese","year":"2013"},{"key":"2024121909124166700_bib22","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1089\/cyber.2014.0179","article-title":"Individual differences in cyber security behaviours: an examination of who\u2019s sharing passwords","volume":"18","author":"Whitty","year":"2015","journal-title":"Cyberpsychol Behav Soc Netw"},{"key":"2024121909124166700_bib23","doi-asserted-by":"crossref","first-page":"475","DOI":"10.1037\/ppm0000247","article-title":"Personality as a predictor of cybersecurity behavior","volume":"9","author":"Shappie","year":"2019","journal-title":"Psychol Pop Media"},{"key":"2024121909124166700_bib24","doi-asserted-by":"crossref","first-page":"102020","DOI":"10.1016\/j.cose.2020.102020","article-title":"When believing in technology leads to poor cyber security: development of a trust in technical controls scale","volume":"98","author":"Butavicius","year":"2020","journal-title":"Comput Secur"},{"key":"2024121909124166700_bib25","doi-asserted-by":"crossref","first-page":"1515","DOI":"10.3389\/fpsyg.2019.01515","article-title":"(Re)Introducting Vygotsky\u2019s thought: from historical overview to contemporary psychology","volume":"10","author":"Vasileva","year":"2019","journal-title":"Front Psychol"},{"key":"2024121909124166700_bib26","volume-title":"Mind in Society","author":"Vygotsky","year":"1978"},{"key":"2024121909124166700_bib27","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1111\/1467-8535.00236","article-title":"Toward constructivism for adult learners in online learning environments","volume":"33","author":"Huang","year":"2002","journal-title":"Brit J Educational Tech"},{"key":"2024121909124166700_bib28","first-page":"39","article-title":"Reflecting on the development of interpretative phenomenological analysis and its contribution to qualitative research in psychology","volume":"1","author":"Smith","year":"2004","journal-title":"Qual Res Psychol"},{"key":"2024121909124166700_bib29","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1191\/1478088706qp063oa","article-title":"Using thematic analysis in psychology","volume":"3","author":"Braun","year":"2006","journal-title":"Qual Res Psychol"},{"key":"2024121909124166700_bib30","first-page":"63","article-title":"Insights on the process of using interpretative phenomenological analysis in a sport coaching research project","volume":"20","author":"Callary","year":"2015","journal-title":"Qual Rep"},{"key":"2024121909124166700_bib31","doi-asserted-by":"crossref","first-page":"102248","DOI":"10.1016\/j.cose.2021.102248","article-title":"Cyber security in the age of COVID-19: a timeline and analysis of cyber-crime and cyber attacks during the pandemic","volume":"105","author":"Lallie","year":"2021","journal-title":"Comput Secur"},{"key":"2024121909124166700_bib32","first-page":"57","article-title":"The human element of online consumer scams arising from the coronavirus pandemic","volume-title":"Cybercrime in the Pandemic Digital Age and Beyond","author":"Whitty","year":"2022"},{"key":"2024121909124166700_bib33","doi-asserted-by":"crossref","first-page":"225","DOI":"10.1016\/j.psyneuen.2004.08.003","article-title":"Stress hormones and human memory function across the lifespan","volume":"30","author":"Lupien","year":"2005","journal-title":"Psychoneuroendocrinology"},{"key":"2024121909124166700_bib34","doi-asserted-by":"crossref","first-page":"149","DOI":"10.1002\/rev3.3056","article-title":"Models of learning space: integrating research on space, place and learning in higher education","volume":"4","author":"Ellis","year":"2016","journal-title":"Rev Educ"},{"key":"2024121909124166700_bib35","volume-title":"Home and Work: Negotiating Boundaries Through Everyday Life","author":"Nippert-Eng","year":"1995"},{"key":"2024121909124166700_bib36","doi-asserted-by":"crossref","first-page":"101875","DOI":"10.1016\/j.cose.2020.101875","article-title":"Cultivating cybersecurity learning: an integration of self-determination and flow","volume":"96","author":"Kam","year":"2020","journal-title":"Comput Secur"},{"key":"2024121909124166700_bib37","first-page":"17","article-title":"The \u2018digital divide\u2019 versus digital differences: principles for equitable use of technology in education","volume":"40","author":"Damarin","year":"2000","journal-title":"Educ Technol"},{"key":"2024121909124166700_bib38","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1145\/322796.322806","article-title":"Users are not the enemy","volume":"42","author":"Adams","year":"1999","journal-title":"Commun ACM"}],"container-title":["Journal of Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article-pdf\/10\/1\/tyae001\/61182324\/tyae001.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article-pdf\/10\/1\/tyae001\/61182324\/tyae001.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,19]],"date-time":"2024-12-19T09:12:58Z","timestamp":1734599578000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article\/doi\/10.1093\/cybsec\/tyae001\/7588826"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,1,1]]},"references-count":38,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,1,2]]}},"URL":"https:\/\/doi.org\/10.1093\/cybsec\/tyae001","relation":{},"ISSN":["2057-2085","2057-2093"],"issn-type":[{"value":"2057-2085","type":"print"},{"value":"2057-2093","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2024,1,1]]},"published":{"date-parts":[[2024,1,1]]},"article-number":"tyae001"}}