The impact of hybrid work on organisational security is a top concern for chief information security officers (CISOs), according to a new study.

organisational security hybrid working

The research, conducted by Red Access looked into the views of 300 CISOs in the UK and US, bringing in a variety of industries and companies with 5,000 or more employees.

One of the most significant findings from the 2023 State of Hybrid Work and Browsing Security Survey Report is that browsing-based threats ranked as CISOs’ top concern. This view was held regardless of whether the CISOs’ organisations were primarily in-office, hybrid, or remote. Insecure browsing also topped the list of CISOs’ worries specifically for hybrid and remote workers.

The report also revealed that 63% of CISOs anticipate most employees at their organisations will work under a primarily hybrid or remote model in three years’ time. However, 72% of CISOs believe that the hybrid and remote workforce negatively impacts their organisation’s security posture.

When asked to select the top three most significant cyber threats to their firms, “Browsing Threats” topped the list, with nearly half (43%) ranking it as a top concern. CISOs also ranked “insecure browsing” as the number one hybrid/remote work security anxiety that puts their organisations at the most risk.

The report also found that adoption rates of Secure Web Gateway (SWG) and Remote Browser Isolation (RBI) solutions are significantly lower at companies where most employees would be working in a remote or hybrid environment in three years’ time (47%), than at organisations where employees would be working primarily in-office (55%).

Furthermore, the report noted that 73% of CISOs believe that a new security solution should enable a seamless end-user experience on any device.

Dor Zvi, co-founder and CEO at Red Access, stressed the importance of organizations investing in technologies dedicated to protecting every employee’s browsing activity, no matter where it originates, stating:

“Web browsing has become the operating layer on which hybrid and remote work run, and organisations ought to do as much as they possibly can to secure it.”

Related Events

PrivSec Global brings together leading experts from around the globe, for a 2-day livestream experience that ensures attendees have access to the latest information, guidance and advice on data protection, privacy and security.

PrivSec Global returns on 17th & 18th May 2023, and will once again deliver a carefully curated agenda that taps into the expertise of subject matter experts, industry leaders and academics.



→ Preventing Insider Threats Without Compromising Workflow

  • Day 1: Wednesday 17th May 2023
  • 17:30 - 18:15