Hybrid work was one of the key themes that emerged in PwC’s Middle East Workforce Hopes and Fears Survey, with 59 percent of respondents preferring to spend at least half of their time working remotely. Clearly, hybrid work is not just a trend. The new culture of working flexibly and from several different locations – which is what hybrid work essentially is – is here to stay.
However, as more companies continue to enjoy this flexible way of working, cybersecurity is a growing concern. Cybercrimes in the GCC increased by a staggering 22 percent between mid-2021 and mid-2022, reiterating the need for organisations in the region to adopt a new approach to hybrid workplace security.
New cybersecurity strategies are needed to prevent, detect, and contain cyber threats, and to enhance remote PC management to mitigate risks from lost or stolen devices. This is reiterated in a recent position paper released by the UAE Cybersecurity Council, which urges CIOs, both locally and globally, to take a proactive approach to fight against cyber attackers amid rapid digital transformation and business growth.
The centre of the hybrid worker’s world
An astonishing 82 percent of security leaders operating a hybrid work model have gaps in their organisation’s security posture according to the latest hybrid security report from HP Wolf Security.
The endpoint is the heart of the hybrid worker’s world; making laptops, tablets, PCs, smartphones, and peripherals such as printers a preferred entry point for attackers, with 84 percent of security leaders reiterating that the endpoint was the source of the most damaging and highest number of cyber threats.
Hybrid work amplifies this challenge because devices do not frequently receive the protection provided by the enterprise perimeter. For example, devices can be left unpatched and without adequate protection. Local networks may be misconfigured and potentially compromised. Additionally, remote employees may be in a more relaxed environment with no colleagues to consult, making them more prone to clicking on risky links or opening malware-containing attachments.
Sixty six percent of IT and security leaders say that the potential for hybrid employees to be compromised is the most significant cybersecurity vulnerability, citing phishing, ransomware, and attacks via unsecured home networks as top risks. Risks are amplified in the instance where employees can work from cafes, airports, or even while living the digital nomad lifestyle abroad.
Investing in hybrid security
According to a separate PwC study, nearly 65 percent of Middle East respondents say their businesses face concerning cyber and privacy risks, especially when it comes to governance of data, data infrastructure and technology applications.
Consequently, organisations are investing more heavily in their security strategies, with 82 percent of global security leaders having increased budgets for hybrid workers. However, it is most important to ensure that budgets are allocated to the right areas, including making the endpoint the heart of any hybrid security strategy.
Remote management of devices
Better remote management of devices is another priority for IT and security teams, as cloud technologies have helped reduce workload, but are not entirely effective. Seventy percent of security leaders say hybrid work increases the risk of lost or stolen devices.
The risk of human error is higher when workers are on the move, and thieves are always on the lookout for devices they can grab. This poses a severe risk, particularly in highly regulated sectors such as government, where a lost or stolen laptop could pose a national security threat.
A new approach to hybrid workplace security
The first step to mitigating these concerns is to find a new way to connect with remote computers over cellular networks. This approach allows devices to be managed even when turned off or offline, and lost or stolen devices can be located, locked, and wiped, reducing the risk of data leaks and breaches.
While roughly 80 percent of companies have implemented various strategies and tools to secure their hybrid employees, it is essential to move away from the traditional perimeter-focused mindset. To ensure safety in the hybrid era, it is crucial to prioritise endpoint protection by incorporating hardware-based security measures and safeguards above, within, and beneath the operating system. This approach will enable companies to safeguard their staff without impinging upon the freedoms granted by hybrid work.
Over the next year, nearly two-thirds (61 percent) of organisations expect safeguarding their hybrid workforce to become even more challenging. However, by enhancing remote management and adopting hardware-enforced security, organisations can boost employee productivity while keeping cyber threats at bay.
IT managers must consider new ways to connect with remote computers over cellular networks. HP has developed an IT management connectivity solution, and the new HP Wolf Connect service now enables IT to manage devices even when powered down or offline, addressing the more nuanced risks and challenges that characterise flexible working.