Hybrid work is

Hybrid work a calling for businesses to strengthen digital defences

Article by Jayden Soh, Head of Solutions, JOS

Companies operating on a hybrid work models, their doors to the looming threat of cyberattacks are wide open. 

Just last year, 94% of organisations in ASEAN reported an increase in cyberattacks. In the same year, Singapore experienced its largest data breach — the personal data of nearly 5.9 million Singaporean and Southeast Asian customers of hotel booking site RedDoorz was reported to have been leaked.

In hopes of improving efficiency and saving costs, most employees and managers expect to continue with hybrid arrangements in the post-pandemic era. However, the reality remains that heavy financial losses from cybersecurity issues have overshadowed the idyllic promises of workforce improvements that hybrid work offers.

In fact, according to IBM’s Cost of a Data Breach Report 2021, each data breach costs a company an average of US$4.24 million in 2021, 10 per cent more than it did in 2020. The average cost was also significantly higher in breaches where remote work was a factor causing the breach. 

Evidently, updating existing software and activating multi-factor authentication is no longer sufficient — there is a need to beef up our cybersecurity.

Not “if” but “when” your business will face a data breach

Hybrid work is

Jayden Soh, Head of Solutions, JOS

Credited to the hybrid work model, day-to-day work is increasingly pushed into the cloud and digital space. To ensure connectedness between employees, many businesses adopt mobile and Software as a Service (SaaS) applications that are designed to increase productivity and keep enterprises ahead of the innovation curve. Yet, the use of mobile and SaaS applications can be an invitation to a data breach.

Most businesses rush into the cloud, but fail to plan for cybersecurity, resulting in a variety of security challenges. For instance, a cloud sprawl may occur, which means that a business has excessive and uncontrolled cloud instances, services or providers. When a business’s cloud presence sprawls to an unmanageable degree, it means for the business potential communication issues, or extra payments for accounts and licences that are not in use.

Another security challenge in hybrid work is the lack of endpoint protection like shadow IT and password neglect. This can come in the form of employees adopting applications or cloud solutions without IT’s knowledge, or employees reusing the same password for work and personal accounts. According to a Prey Software study titled ‘Status of the Remote Work Cyber Security Landscape 2021’, 67% of IT professionals claim that endpoint misuse grew in their organisations in 2021.

Since a data breach is almost inevitable, managing security controls that are the right fit for the company is of paramount importance.

Upgrading your workspace intelligence

Just like how there is no one-size-fits-all approach to building a Lego house, there are a myriad of technology enablers for businesses to create a strong workplace. Businesses need to be familiar with these building blocks in order to maintain an intelligent digital workspace.

There are several key technology enablers, including cloud-based systems that provide easy access to business information wherever employees work, be it in the office, at home, or in cafés. Another enabler is the automation of data analysis and artificial intelligence (AI) data management, where operational analytics provide tactical insight for better-informed business decisions.

Finally, cybersecurity is a key building block for an intelligent workspace. Similar to putting a lock on the house door, there is a need for strong security and risk management when it comes to hybrid endpoint data. As traditional cybersecurity solutions were not designed to handle today’s fast pace of cyberthreats like data breaches, IP theft, phishing and ransomware attacks, it only makes sense to update and automate traditional cybersecurity solutions to combat these advanced risks.

To build strong cybersecurity, enterprises should periodically assess their cybersecurity systems to ensure they are up to date. They should also adopt a Zero Trust Architecture, a security framework that requires all users to be authenticated and authorised before being granted access to their systems.

Other foundations of a strong enterprise security include network security, advanced threat protection, system and endpoint protection and identity and access management.

Three key areas to protect: processes, technology and people

In a time when employees access company data through their personal devices at various locations and networks, businesses need to adopt a proactive stance to routinely scan for potential threats before they reach vulnerable users. Businesses need to protect:

●      Processes. Relook into security design, consolidate the platforms and disparate offerings within a single organisation into a single infrastructure. 

●      Technology. Leverage on trusted partners who can provide professional advice and assessment on cybersecurity. Besides, this allows for IT personnel to focus on things that matter. 

●      People. The best and latest applications are nothing more than the people who use them. Educate employees about potential and common attacks like phishing, so that they are integrated well and have the right level of awareness. Cybersecurity transformation involves all internal staff, from top to bottom.

While enhancing our cybersecurity may seem like laborious work, business leaders must reevaluate its importance in today’s remote working world. Rather than losing unnecessary time and revenue on negating the effects of cyberattacks, strengthening our digital defences now may very well be a key to a successful and cost-efficient enterprise.


The views in this article are of the author and do not reflect the views of Tech Wire Asia.