In a post-Covid world all organisations have had to adapt to new ways of working. The transition to remote working was fast paced, reactive and not secure by design. As a result, it has required continual development to support the evolving environment.
Flexible and hybrid working continues to present new risks to organisations due to the lack of visibility of the workforce. To create a secure hybrid environment, we must help users understand why controls are needed, build understanding and accountability, use data analytics to inform the application of controls and training, and implement technical controls.
Understand why controls are needed
Working from home is less secure than working in the office environment and communicating this effectively to the workforce will help them to understand why additional security controls and training are being implemented. This will mean they are more accepting of those measures.
This should be reinforced by senior leaders acting as role models for secure behaviour. They should provide the context, and the reasons for their requests, and set an example to encourage individuals to prioritise cyber security training and other…
