As people settle into the late stages of the pandemic, the hybrid workplace is not going anywhere. Therefore, the enterprise must address the increasing number of entry points into the network as more employees work remotely.

In 2021, 61% of malware directed at organizations targeted remote employees via cloud apps. Since the onset of the pandemic, about 30% of organizations have reported a spike in cyber attack attempts.

It’s been harder lately to manage the logistics of where employees connect. So, it’s no wonder that 54% of IT workers are on edge about the possibility of future cyber attacks.

However, people often don’t understand the hybrid work model. The only way the enterprise can address the myriad challenges is to gain a solid grasp on how the workplace is really evolving.

What is the hybrid work model?

The hybrid model combines a remote and a regular on-premise workforce. Employees want to be flexible in where and when they work. Plus, as new tech constantly develops, the workforce is becoming more virtual.

This modern work model is not one-size-fits-all, and each company’s version will be unique. The most successful hybrid solutions are flexible and agile, so they can meet the ever-changing demands of management, employees and any regulations.

According to an Economist Impact survey commissioned by Google Workplace, more than three-quarters (75%) of employees and managers expected to adopt the hybrid work model within their business or agency in the next three years.

Cybersecurity challenges in adopting the hybrid work model fall into three basic categories: data, devices and behavior.

So much data

Whether employees are hybrid, remote or work in the office, they have access to an increasing amount of sensitive data. The business must safeguard that data. As the attack surface widens, data protection becomes more difficult.

But data protection has always been critical, and while hybrid makes the issue worse, it’s the skyrocketing number of devices and endpoints that stand out.

All these devices

The ever-growing number of other devices in our lives presents significant obstacles for enterprise security in a hybrid work environment. Employees returning to the office are doing so with not just one device but a steady wave of new ones. Many questions arise from this:

  • Did the organization issue their devices?
  • Does someone regularly update the OS or firmware?
  • Are all software patches in place?
  • Do you know all of the networks the device has connected to? What other parties have been on those networks?

User behavior

According to IBM’s 2021 Data Breach Report, the average cost of a data breach due to remote work was $1.07 million higher in those attacks in which remote work was a factor. While lack of the right technology or resources certainly plays a role, online employee behavior is a critical cause.

As we adapt to the ever-changing shifts in society, humans are not at our best. The adage still applies: humans are the weakest link in the cybersecurity chain. Thinking about threat actors is not top of mind for many employees as they tackle their daily tasks. The threat actors are well aware of that.

Hybrid work model strategies

As always, the best strategies start with the basics. Good security hygiene applied as much before the pandemic as it does today. What this means is you’ll want to ensure:

  • Remote employees use a VPN
  • Employees know cyber attacks could happen
  • Employees can access only the resources they need
  • Your team patches systems often
  • Your networks are segmented.

When it comes to network segmentation, it’s important not to limit this to the corporate network. Employees working from home should consider splitting their home network into work and home segments. Most internet providers today can accommodate this setting. Especially as more internet of things (IoT) devices are brought into the home, the potential damage of an attack increases. With segmentation, if an attacker hits an IoT device because of the actions of another family member, the payload won’t wreak havoc on other network devices.

Whether or not you decide to include home network segments, you need to back up your strategy with some sort of robust policy. Update those policies to address the hybrid work model. From the C-suite to all employees, make sure everyone is aware of the policies and adheres to them. Monitoring services and tools like identity and access management are critical here.

For employees working from the office, you’ll need to decide how you’re going to treat all these new devices — whether bring-your-own-device or corporate-issued. Do you expect employees to follow certain rules before returning to the office? Do you have a clear understanding of what constitutes a trusted device? You should be aware of not just what actions you can take but how you’ll respond if a security threat occurs.

The meeting of zero trust and hybrid work

But perhaps the most efficient way to address the security challenges is adopting a zero trust strategy. With a blueprinted zero trust approach, organizations can empower their workforce by correlating security information across all domains and quickly grant conditional access based on the model of least privilege.

Finally, your team will need to be transparent about their policies, rules and standards. The more transparent you are, the less likely it is employees will perceive your team as the enemy.

More from Risk Management

Digital solidarity vs. digital sovereignty: Which side are you on?

4 min read - The landscape of international cyber policy continues to evolve rapidly, reflecting the dynamic nature of technology and global geopolitics. Central to this evolution are two competing concepts: digital solidarity and digital sovereignty.The U.S. Department of State, through its newly released International Cyberspace and Digital Policy Strategy, has articulated a clear preference for digital solidarity, positioning it as a counterpoint to the protectionist approach of digital sovereignty.What are the main differences between these two concepts, and why does it matter? Let’s…

A decade of global cyberattacks, and where they left us

5 min read - The cyberattack landscape has seen monumental shifts and enormous growth in the past decade or so.I spoke to Michelle Alvarez, X-Force Strategic Threat Analysis Manager at IBM, who told me that the most visible change in cybersecurity can be summed up in one word: scale. A decade ago, “'mega-breaches' were relatively rare, but now feel like an everyday occurrence.”A summary of the past decade in global cyberattacksThe cybersecurity landscape has been impacted by major world events, especially in recent years.…

It all adds up: Pretexting in executive compromise

4 min read - Executives hold the keys to the corporate kingdom. If attackers can gain the trust of executives using layered social engineering techniques, they may be able to access sensitive corporate information such as intellectual property, financial data or administrative control logins and passwords.While phishing remains the primary pathway to executive compromise, increasing C-suite awareness of this risk requires a more in-depth approach from attackers: Pretexting.What is pretexting?Pretexting is the use of a fabricated story or narrative — a “pretext” — to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today