As UK lockdown measures tighten once more in response to COVID cases, many organisations are being forced to consider a future where workers may never fully return to their offices; as aired on page 61 of the October 2020 print edition of Professional Security magazine.
In March many UK businesses made the transition suddenly, without remote working policies and little guidance for their employees. A hybrid home-office workplace brings challenges to privacy and security; but with such a rapid transition, do we understand exactly what those risks are?
Those are questions posed by CyberSmart, a company that arose from a GCHQ accelerator in 2017. Starting this week, the cyber firm is joining a research group examining the risks to trust, identity, privacy and security in new ways of working as a result of COVID-19.
A three-month project is part of SPRITE+, a consortium funded by the Engineering and Physical Sciences Research Council to bring together people in research, practice, and policy with a focus on digital contexts.
This project was one of several selected for funding through a SPRITE ‘sandpit’ designed to bring together academics and industry experts to explore trust, identity, privacy, and security in the post-COVID digital economy.
CyberSmart chose to develop a project focused on the blended workplace because of its relevance to their typically SME customers who are struggling to protect their employees and operations.
Ben Koppleman, CyberSmart’s Head of Research and Innovation is leading on the project. He says: “This is important research for CyberSmart to be involved with. We want to provide an evidence-based approach to understand what new security risks have emerged due to the dramatic shift to home working, and what new measures have been taken to manage these risks.”
Balancing security of the company with the private life of the employee is another area they will examine. “We want to know if employers are placing new security demands on their employees and if these demands create tensions with employees’ privacy needs,” adds Koppleman.
The project group, which consists of academics from four universities and two from industry, will begin with a literature review but will also include qualitative research with evidence gathered from organisations and employees. The project will compare how home working has affected large enterprises and SMEs.
While the academics take the research lead, CyberSmart will support as an industry partner to provide access to relevant SMEs, as well as contribute to the risk analysis. CyberSmart adds that the project will contribute to its horizon scanning.
