The Shifting Landscape of Cybersecurity: The Impact of Remote Work and COVID-19 on Data Breach Trends

TL;DR

This paper investigates how the COVID-19-induced shift to remote work affected data-breach trends using Montana's Data Breach database (April 2018–April 2022). By comparing two-year windows before and after the remote-work milestone of April 2020, the study finds breach counts and affected individuals increased post-transition, while median incident duration declined and reporting lag rose. It also notes widespread use of identity monitoring, reliance on external forensics, and relatively boilerplate breach notifications, highlighting areas for improved transparency and remediation. Although Montana-focused, the findings offer timely guidance for cybersecurity preparedness in remote-work contexts and motivate broader, cross-regional analyses to inform policy and practice.

Abstract

This study examines the impact of the COVID-19 pandemic on cybersecurity and data breaches, with a specific focus on the shift toward remote work. The study identifies trends and offers insights into cybersecurity incidents by analyzing data breaches two years before and two years after the start of remote work. Data was collected from the Montana Department of Justice Data Breach database and consisted of data breaches that occurred between April 2018 and April 2022. The findings inform best practices for cybersecurity preparedness in remote work environments, aiding organizations to enhance their defenses. Although the study's data is limited to Montana, it offers valuable insights for cybersecurity professionals worldwide. As remote work continues to evolve, organizations must remain adaptable and vigilant in their cybersecurity strategies.