02 Jun

Hybrid home working and cyber security risks

Evolving how we live and work

Author: Vijay Rathour, Head of Digital Forensics, Grant Thornton UK

The Aztecs may have only been a little off target for the end of the world, but hopefully we have come through this particular Armageddon and out of the other side into a world that is very different. Family, politics, travel, work, play, and everything that matters has been shaken up and the pieces have landed in a very different form. And as we begin to return to the skies, beaches, desks and offices, many employers, and their employees, are asking what the new work paradigm should be.

Hybrid Home Working is one expression for how many employees want to work. Studies are showing that the vast majority of employees want to embrace a hybrid working environment. IBM is predicting that 80% of its employees will favour a hybrid remote-work model after the pandemic ends. Google expects 60% of its staff to return to offices for part of the week, while 20% will be offered the ability to work permanently from home. Many organisations, including my own, are re-evaluating what an office is for, and whether traveling to and for work is now an outmoded concept.

“Teleworking” is our future, and with it, changes in aspiration, community, loyalty, and practicality will follow. The efficiency gains are indisputable, with many industries embracing the improved productivity that has followed from allowing employees to work in a more flexible environment. And where will that environment be? Well, subject to tax implications and travel restrictions, potentially anywhere! My laptop works as well from a glass-fronted office in London as it does from under the shade of a beach umbrella in Singapore. 

However, cyber security risks are certainly following changes in working habits: correlation and causation align. Employees are logging in to their computers in time zones the other side of the world from “normal”. They are using hotel Wi-Fi signals, logging in from the gym between work-outs, using their iPad in the park while walking the dog, and indeed, embracing the best of a Hybrid Home Working paradigm that allows us to work and play better, but not one at the expense of the other. 

Our cyber adversaries evolve like the organism that has ravaged society over the last year, finding new weaknesses, developing new variants and creating new opportunities to spread havoc. “Spear-fishing” tactics that seek to target, confuse and undermine the security measures used by high-profile or financially valuable employee targets, including the CEO, CFO and Credit Control Team, are on the rise, and increasingly successful. A single errant Teams invite can be used to ensnare the attention of a senior executive. A click on the invite, a password entered, a meeting commenced – we’re doing it tens of times daily. And yet any one of those could be the one that captures the digital keys to your kingdom and brings down your IT infrastructure.

As we evolve as a species, so do our opportunities, and our threats. Hybrid Home Working is bringing about one of the most dramatic societal shifts since the industrial age, and many organisations are embracing its best to amplify the skills and strengths of our colleagues, our brands and markets and the ability to serve our customers better. But evolution and change also creates the opportunity for others to identify a chink in the armour, a weak password, an outdated VPN deployment. And with this, our colleagues can become our enemies, our brands can become tarnished, and our customers will seek other options to meet their needs. 

Hybrid Home Working will work: as a society we will create new paradigms, new strategies, new revenue models, new customers, new opportunities. And to fully embrace this evolution, we must also maintain vigilance against unintended consequences.

Vijay will be co-chairing and presenting at ABTA’s Data and Cyber Protection Training for Travel on 8 June. This virtual training day offers practical guidance on data protection and cyber security. Ensure you have processes in place to protect your business and mitigate risks.

Joining Vijay will be expert speakers from Grant Thornton, Travlaw, James Hallam, ABTA, Flight Centre and Clarity Travel.

To register your place and view the full event agenda please visit abta.com/abtaevents.