In our most recent research report, Securing the Future of Hybrid Working, we revealed that 75% of IT decisions makers believe the future of work will be “remote” or hybrid” – where employees could work wherever and however they’d like.
So, we wanted to find out:
- How that might affect an organization’s security culture
- Why a positive security culture is even more important when employees are remote
- How automation can help ease the burden on thinly-stretched IT teams while empowering employees to make smarter security decisions
We explored these topics with Rachel Beard, Principal Security Technical Architect at Salesforce, and Ray Chery, SVP and Co-Head of Security Softwares at Jefferies. The discussion was led by Trevor Luker, Tessian’s VP of Information Technology. Want to watch the full video? You can view it on-demand here.
Otherwise, read our notes below for key takeaways and quotes from the panelists.
Want to learn more about our guest speakers and their companies? Skip down to the bottom of the page. And, if you want to be the first to know about future virtual events, subscribe to our newsletter.
5 key takeaways from the Tessian webinar
- We have to re-learn how to communicate in a hybrid work structure. Gone are the days of just walking up to our colleagues and asking if they sent that suspicious email or tapping someone in IT on the shoulder to clarify a new security policy. That means security and business leaders need to arm their teams with tools to collaborate and frequently check-in to make sure each and every employee feels comfortable with their new remote set-up.
- The key to a positive security culture is making employees feel like they play an active role in protecting the organization’s systems and data. But how? Instill the value of privacy and security from the outset with training and other programs and initiatives. Watch the full webinar for more insights into exactly what Rachel and Ray do at Salesforce and Jefferies.
- There are benefits and drawbacks to hybrid work. According to Rachel and Ray, productivity is on the rise, which is great news. Teams are aligning on shared goals and initiatives, despite being physically distant. But people are missing the “human” interaction and camaraderie of an in-person office and many are finding it difficult to separate their personal and professional lives. It’s essential you tackle this problem head on and prioritize employee wellbeing.
- Automated tools can make security accessible for everyone. This also contributes to a positive security culture by reducing IT teams’ workload. More on this in the summarized Q&A below.
- Jefferies uses Tessian to prevent misdirected emails. Ray’s team loves Tessian for its “noise-to-value ratio”. So, what makes Tessian so easy to use? Our technology is powered by machine learning, which means our solutions automatically detect and prevent threats like data exfiltration, misdirected emails, and spear phishing with accuracy and ease.
To find out more about how Rachel and Ray think about security culture, Trevor asked them both several questions about their perspective on automation and how to make employees a part of the solution.
We summarized their answers below. Remember, you can watch the full interview here.
Q. Prior to COVID, Jefferies went from 5% to 99% of their employees working remote. Will this change be permanent?
Ray: “We’re all more comfortable with getting things done from home; we’ve had to grow accustomed to it over the course of the last couple months. [However], our IT team is planning on going back to being in the office 2 or 3 of the 5 days every week. And part of that is driven by the fact that the interaction with the team is different virtually. Teams that really do interact more collaboratively feel the need to still be in the office. I definitely think hybrid work is here to stay.”
Q. Would you say that increased employee workload makes your organization more vulnerable?
Ray: “We’re all doing a million things at once. When you’re stretched that thin all the time, folks tend to make mistakes, are more likely to click on an email that they’re not supposed to, or may not be reading things as thoroughly as they need to. The risks are definitely enhanced given that everyone is working from home now.”
Looking for more insights into why people make mistakes and how businesses can prevent errors before they turn into breaches? Check out our research, The Psychology of Human Error.
Q. How can automation save your IT team’s time?
Rachel: “At Salesforce, we’ve always had a lot of self-service mechanisms. We have Concierge as our service where you can go searching for the information that you need and open a ticket only if you need advanced help. But now, we’re looking at other ways that our customers can do the same. That way, IT can be more available for the highly specialized activities, and some of the more routine ones can be addressed by the employees themselves.”
Ray: “Ultimately, there’s no patch for human error. Humans are going to make mistakes. I think as much automation as we can incorporate into our security stack is really for the better. It removes repetitive errors, streamlines incident management, and reduces the boring stuff that our security analysts need to do. Instead of formally writing tickets and reaching out to me as an employee every time I violate an email rule, we can set it up as such so there’s a pop-up instead.”