The past 20 months have proven that cybersecurity professionals don’t need to be in a physical office environment to protect and defend their organizations.
Clar Rosso
CEO, (ISC)2
COVID-19 forced a lot of change in the ways we operate businesses, including where we perform our jobs. Remote work has never been so widely mandated or accepted. Fewer professionals have long, overcrowded commutes to work, finding themselves equally — if not more — productive at home while enjoying more time with family and friends.
The arrangement worked out so well that 89 percent of employees who worked remotely during the pandemic expect to continue working away from the office at some capacity beyond the pandemic. In fact, more than one-third of people would choose the flexibility of working remotely over getting a pay raise.
It’s long been debated whether professionals in the cybersecurity industry effectively work remotely. The past 20 months have proven that cybersecurity professionals don’t need to be in a physical office environment to protect and defend their organizations.
The flexibility offered by remote work policies has allowed cybersecurity professionals to address cybersecurity issues quickly, educate staff on the latest cybersecurity threats, enhance monitoring and defenses, and so much more.
WFH
Besides the advantages of remote work as a public health and public safety measure, the rising popularity of work from home (WFH) policies reflects the positive experiences many organizations have had with the transition to a remote workforce.
Most notably, leaders have seen continued and increased productivity from their remote employees. An SHRM study found that 77 percent of workers report they are more productive at home, with 30 percent accomplishing more in less time and 24 percent accomplishing more in the same amount of time.
The 2021 (ISC)2 Cybersecurity Workforce Study found that, beyond health and safety, the most common drivers for organizations to adopt remote work policies are that their staff can effectively carry out job responsibilities remotely (43 percent), management is confident in employee performance away from the office (41 percent), staff prefer to work remotely (36 percent), and organizations enjoy a reduction in fixed costs to support physical office environments (35 percent).
Although most cybersecurity professionals now work remotely, some occasionally go into the office. The most common drivers according to the 2021 Cybersecurity Workforce Study are personal preference (40 percent), their role requires an on-site presence (35 percent), and management preference (34 percent).
Evolving threats
Despite the numerous benefits of remote work, the threat landscape continues to evolve and attack surfaces continue to multiply, creating new cybersecurity challenges. The top areas of concern are rapid deployment of new collaboration tools (31 percent), lack of security awareness among the remote workforce (30 percent), keeping up with the new threats and tactics (29 percent), and physical security with so many distributed assets (29 percent).
Nonetheless, there are several unexpected ways in which the pandemic has spurred improvements and changed organizations for the better, such as improved workplace flexibility (53 percent), accelerated innovation and digital transformation efforts (37 percent), and stronger collaboration (34 percent).
As a result, morale is high among cybersecurity professionals. (ISC)2 research found that more than half consider personal morale above average (29 percent) or excellent (26 percent). Team leads also have taken notice, as more than half report that their teams’ morale is above average or excellent.
Staying put
For now, remote work will continue to be the norm for cybersecurity professionals, as only 24 percent of organizations across the globe have plans to fully return to a conventional office environment, and even less of the cybersecurity workforce — just 15 percent — want to fully return to a physical office environment.
Cybersecurity professionals adapted their approaches in response to the challenges presented by the pandemic, finding innovative solutions to fortify security and proactively preparing for whatever comes next. Cybersecurity professionals continue to prove that they are resilient despite widespread uncertainty.
As we move into the third year of the pandemic and the “Great Resignation” trend continues, it’s important that organizational leaders support cybersecurity teams, and invest in and prioritize security across the organization.
When cybersecurity professionals — or any working professional — feel valued and that their opinions matter, they are more likely to stay and do good work for the organization. This support could be the difference between successfully thwarting cyberattacks and experiencing a costly breach.