In today’s age of innovation, enterprises are understandably concerned with how new technologies will impact the way jobs are performed in the next few years. The office of the future is forcing business leaders to grapple with how to seamlessly integrate technology into the workplace as a means to increase productivity and efficiency. However, there is a need to do so in a way that doesn’t compromise enterprise security.
In the second half of 2018, the UK and France signed a major deal for AI and cybersecurity cooperation and a legal proposal to overhaul the EU’s cybersecurity rules passed on 10 July as the European Parliament’s Industry Committee (ITRE) approved a plan to create a voluntary system for certifying the security level of technology products. By working together with industry, innovation in this sector can flourish and we should expect many more similar partnerships and legislations to arise in the near future.
With technology encouraging greater geographic flexibility and connectivity for workers and other people who may be outside an organisation, security will be paramount to ensuring an enterprise doesn’t lose its footing amidst an ever-changing future of work. This is becoming a globally accepted fact: in 2004, the global cybersecurity market was worth $3.5 billion, it is now estimated to have surpassed $120 billion. It is clear that while the office of the future offers a wealth of opportunities and benefits for businesses and consumers, including more flexibility, speed, efficiency and time saved, the threats are also complex and growing.
Why is the office of the future particularly vulnerable? As any business digitally evolves, it will, by nature, become more vulnerable to virtual security threats. Future ways of working rely upon constant, intimate digital connections with suppliers, partners and customers to stay relevant and competitive. This poses a unique set of cyber risks, and more exposure to people around the world who may pose a security threat to your business. All that sensitive data, connectivity and automation multiplies the opportunities for hackers by expanding the “surface area” exposed to cyber attack and, because digital systems are so embedded in daily operations, the potential damage from even a single security incident is magnified
There are a number of steps that businesses can take to ensure the office of the future is resilient. As the below points will show, good cyber hygiene is about expecting the worst, as much as it is about building up security credentials:
- Enterprises should build a dedicated security team and include them in strategy sessions to extend expertise and accountability for cybersecurity to the front-line of the business. The latest European Commission data found that one out of every three enterprises in the EU-28 had a formally defined ICT security policy. However, this was much more common for large enterprises than small ones, which were three times less likely to have this kind of policy in place.
- Employees should be part of every solution. Bringing employees into the fold and ensuring they are invested in business outcomes can be one of the safest actions business leaders can take. For example, Gartner found that empowering others to be part of risk management greatly increases the chance of success. It’s easy for employees to forget how small errors or lapses can create vulnerabilities. Research from Code42’s 2018 Data Exposure Report also suggests that this is not just an issue with junior staff, with 59% of CEOs admitting to downloading software without knowing whether it is approved by corporate security. The easiest way of mitigating this is by involving employees from the start.
- Be an advocate for protecting customers. The connected nature of the office of the future means that businesses should help customers understand how to protect themselves not only from cyber threats but also legal repercussions. Since the introduction of the GDPR there are even higher stakes for ensuring that you and your customers are legally compliant. Organisations should be proactive in understanding the implications of new and upcoming legislation, so that they can properly advise and support their customers.
- Think beyond your enterprise to your ecosystem. By collaborating with partners, suppliers and other third parties to share cybersecurity knowledge, products and services, businesses can expand their awareness of issues and work to tackle them more effectively. What makes cybercrime so dangerous is that it is continually evolving and innovating, because cyber criminals are highly motivated, constantly evolving – and cybercrime is their business
- Focus on the basics Organisations impacted by cybercrime continue to be reluctant to share information or collaborate with one another. According to a 2018 report by Sapio Research, 84% of respondents wanted to be notified immediately if a company they worked with had experienced a breach. But only 37% said they would share that information if their own organisation’s data were compromised. A lack of sharing is not an option for the office of the future: cross-organisational working groups that analyse threats and share solutions present the best opportunity for businesses to be able to keep up with the rate of threat.
None of this means that the office of the future is a security liability. Set up correctly, the office of the future can be one of the biggest drivers of economic change, growth and prosperity at both a business and a national level.
Using intelligent technologies and big data in all facets of business operations will continue to drive profitable growth. As we’ve seen however, this can make it uniquely vulnerable to security breaches and additional security measures should be seen as imperative for success. In the face of a common threat which is growing at unprecedented levels, the office of the future will need to invest more in its employees to reduce risk, dedicate resource to protecting customers and collaborate to share learnings to mitigate cyber threats. Given the transformational nature of the office of the future, developing a stronger security strategy is simply part of the futurisation process.