Abstract

The situation caused by the outbreak of the COVID-19 virus has forced many companies to switch to crisis management and often shift to remote work. It turns out that the processes and procedures in some companies are not properly adjusted to the new conditions. With the dynamically increasing level of cyber threats, the sphere of cybersecurity should not be underestimated, and companies should take appropriate measures to reduce the risk of damage resulting from attacks on IT infrastructure. Both national and EU legislators have not introduced any detailed regulations on remote work so far, and thus the burden of introducing appropriate rules of conduct rests on individual entrepreneurs. Today, cybersecurity should not be considered only from the perspective of applying adequate IT security solutions, but also in terms of introducing appropriate work organization, including the principles of using suitable tools and procedures for data processing, in accordance with the guidelines and recommendations of national and international institutions, such as ENISA or UODO (Personal Data Protection Office in Poland).