Ryan Farsai

expert panel

Remote and hybrid work haven’t just changed where many of us work; they have expanded the cyberattack surface and reshaped the ways risk moves through an organization. Laptops hop from kitchen tables to coffee shops. Sensitive files live in the cloud. Slack messages replace hallway conversations. While this flexibility is a win for professionals and, often, a catalyst for enhanced productivity, remote work also gives cybercriminals more chances to slip inside a company’s digital defenses. Most costly cybersecurity incidents don’t start with elite hackers battering down firewalls. They start with everyday employees making very human mistakes. Remote workers may hesitate to “bother” the IT team with questions or concerns, or asynchronous schedules may mean a wait for expert help. Home networks may not have the robust protections of those in an office setting. Cybercriminals are very aware of the vulnerabilities that come with remote work, and they’re taking advantage: In 2025, 78% of organizations with remote staff reported experiencing at least one security incident related to remote work.  Teaching all staff how to recognize threats and follow basic digital hygiene is now foundational risk management; every employee is part of the security stack, whether they know it or not. That reality leaves many leaders asking a practical question: What should every employee actually be taught—and required—to do? And how can executives without a cybersecurity background cover the essentials without killing the flexibility that makes remote work attractive and effective?  The members of the Senior Executive Cybersecurity Think Tank specialize in enterprise cybersecurity strategies, data breach prevention and risk management. Here, two of them cut through the jargon to focus on remote and hybrid cybersecurity fundamentals that scale, habits leaders can model, and simple expectations that significantly reduce risk—no computer science degree required.