Nobody is quite sure when the fourth wave of COVID-19 will end or if more will follow. That's why increasing thought must be given to navigating cybersecurity in the hybrid workplace.

The hybrid model of work is here to stay

Undoubtedly, the pandemic has urged organizations to ramp up their digital transformation agenda to satisfy the fast-changing needs of the workforce. Equipped with fit-for-purpose technologies, employees can remain productive while working away from the confines of a traditional office. Now, with the pace of global vaccination accelerating, there has been much excitement over resuming some degree of in-person interaction in the workplace. Such paradigm shift is called the hybrid working model.

And it is here to stay. McKinsey reported a growing preference over flexible working arrangements among employees [1]. Global research also states that 72% of corporate leaders consider offering hybrid settings [2].

But getting hybrid right is no easy task. As the workforce is settling into new routines, leaders and managers realized a radical shift in the threat landscape alongside concerns over people management, employee well-being, etc. Devices moving in and out of the office exposes the organizational network to greater cyber risks and potentially derails digital initiatives. Indeed, 54% of IT leaders also expressed concern over staff bringing infected personal devices into the hybrid setting [2].

And that's just the tip of the iceberg.

Zero Trust Might Be the Missing Ingredient

The mass shift in work styles brings significant hurdles, which is why businesses need a more flexible and broader range of cybersecurity solutions, one of which is zero trust. 

Perimeter is a traditional network security system that builds a wall between trusted and untrusted actors. Every operation and access within such perimeter are assumed to be safe. Nonetheless, hybrid settings have moved a company's operations beyond the perimeter.

Hence the rise of zero trust. Built on a mantra of "never trust, always verify", zero trust sends the IT team back to the driver's seat by granting them more control over the company's data, systems or networks. Particularly, every request to access resources or assets must be verified, whether it stems from outside or inside the perimeter. Such constant scrutiny prevents bad actors' lateral movements from spreading inside network environments, 

Humans Might Be the Weakest Link in the Company's Security Chain. 

During the first year of the pandemic, IT staff were in a scramble to make sure staff were well prepared to work from anywhere and effective cybersecurity measures were in place. Yet, securing the hybrid work strategy does not only require the dedication of the IT team. Fundamental to the future of work is the dedication to creating a supportive environment for all employees and employers, which is why leaders and managers need to effectively communicate organizational cybersecurity policies. Human employees are also required to take action by being vigilant about protecting their devices.

Author Nguyen Dang Ha Phuong