Beyond the cubicle
As information risks change, existing information security controls ought to be reviewed and if necessary updated. Abrupt, major changes tend to be obvious and, in mature organizations, trigger the risk review and security update process, whereas gradual, incremental changes may creep up on us unnoticed.
Working practices are evolving. We are spending less time tethered to our desk-based 'workstations' these days, and more time on the move, whether just wandering around the office from meeting to meeting, traveling between offices and other workplaces (and working on the hoof), working from temporary and makeshift workplaces or working from home (if only to avoid the tedium of commuting).
The nature of 'work' is also evolving thanks to automation (e.g. robotics, computer-controlled machinery and IoT things) and networking (e.g. the Web plus WiFi, Bluetooth and cellular): manual labor is being supplemented or replaced by intellectual labor - we're thinking more than doing, 'working smarter not harder' as the trite saying goes. Higher-level qualifications are increasingly being demanded even for junior positions - and the impact that social change is having on those without qualifications cannot be ignored.
Talking of social change, we are interacting with expanding and diffuse social networks including people we have never met in person and who work for other organizations, as much as our close work colleagues. Physical distance is becoming less relevant, while [some] cultural and language barriers are sliding if not toppling.
So, July's awareness module on workplace information security presents an opportunity for our customers to take stock, to consider the evolutionary changes that have already occurred plus those that are ongoing and likely to come along, from the perspective of the information risks and hence the security requirements. This is awareness in the broadest sense, opening eyes to the stuff going on beyond the cubicle.
Workplace information security is an important awareness topic with profound implications for us and our organizations.