Home & Office

Paid Content : This paid content was written and produced by RV Studios of Red Ventures' marketing unit in collaboration with the sponsor and is not part of ZDNET's Editorial Content.

Home Home & Office Work Life Productivity

The Future Of Work Is Hybrid: Are SMEs Prepared?

Hybrid work -- the idea that work is no longer tied to any location but employees will use a combination of in-office and remote working -- is going to become standard for a large number of SMEs

Where enabling remote work became a necessity as COVID-19 social distancing and lockdown requirements came into force, 32% of small businesses and 36% of medium-sized businesses will continue to work this way as restrictions ease.

It is easy to understand why. Remote work improves the productivity of employees and offers a number of softer benefits to the organisation beyond that. Morale is better with flexibility and respect for work/life balance, for example, so staff turnover is lower. Additionally, flexible work conditions make it easier to both access and work with talent that are unable to commute to the office; for example, when such talent is interstate or overseas.

The challenge that SMEs face with hybrid work environments is in security. Flexible working arrangements and hybrid work models have the potential to open the organisation to new vulnerabilities, and the consequences of that can be significant. Research shows that as many as 60% of SMEs close within six months of a successful cyber attack. Not all SMEs are prepared to address this challenge.

The cybersecurity threat

Close to two-thirds of all APAC SMEs (62% of small businesses and 75% of medium-sized enterprises) have reported a jump of at least 25% in the number of cyber threats and alerts that they have experienced since the start of the COVID-19 pandemic. Cyber criminals are trying to take advantage of the more open networks required to enable remote working, as well as the increased use of personal technology to do work, and a general level of confusion about cyber security to attack businesses and individuals from new vectors. As noted by Deloitte:

"From our Cyber Intelligence Centre, we have observed a spike in phishing attacks, Malspams and ransomware attacks as attackers are using COVID-19 as bait to impersonate brands thereby misleading employees and customers. This will likely result in more infected personal computers and phones. Not only are businesses being targeted, end-users who download COVID-19 related applications are also being tricked into downloading ransomware disguised as legitimate applications."

Some of the most common areas where SMEs are experiencing attacks include:

- Phishing Attacks

This is where the hacker will try to disguise emails or other forms of communication as legitimate, trustworthy sources, and attempt to convince the individual to hand over their personal details, or possibly passwords and login information.

- Ransomware

Ransomware is a form of malicious software that "takes over" a computer, causing it to display messages demanding payment before the computer will be allowed to work again.

- End-point Security Threats

Attackers may also try to capitalise on the lack of physical proximity from IT security professionals. When a user is working on their laptop from home or while on the road, they are especially vulnerable to viruses and other common security errors if they are not continually educated on security best practices.

- Malware

More generally, malware such as viruses, keyloggers, trojans, and worms remain popular tools for those with malicious intent, and when the SME can no longer rely on a perimeter defence against these intrusions (as the work is no longer done within the office), new approaches to counter malware need to be found.

- Consumer-Grade Hardware Accessing Cloud Services

Finally, many of the tools that people are now using to do their work are consumer-grade and off the shelf. The home (networked) printer, the home router, and Cloud-based services that are aimed at the consumer can become a threat to the whole network if not managed well.

Managing the challenges

One final challenge that SMEs face is that of resourcing. Skill shortages across APAC are severe -- just as the pandemic was first emerging it was reported that across APAC there was a need for an additional 2.14 million cybersecurity workers. That number is only going to increase as more organisations take aim at enabling long-term hybrid working environments.

One solution for resource-strapped SMEs is to work with trusted technology partners with a heritage in providing secure solutions that meet their end-to-end needs. The added benefit to having a managed services provider such as this is that SMEs can then re-focus their attention on the core of their business: meeting the expectations of their customers.

At all stages, however, SMEs need to know that they cannot make IT investments in a vacuum. Cybersecurity should be the core and foundation for any of the digitalisation efforts that ultimately result in a hybrid working environment, and finding solutions that are built on secure principles is what will determine the security (and thus ongoing success) of any hybrid working environment.

To learn more about security in a post-COVID world for SMEs, and how Cisco is delivering the evolving role of security in hybrid work environments, click here.

Editorial standards