Addressing 5 major risks of the hybrid work model

Written by
RMI Team (F)

After surveying almost 209,000 employees for their Decoding Global Ways of Working report[1], the Boston Consulting Group found that a majority of Asia’s workforce desire hybrid work arrangements moving forward, preferring to work two to three days per week remotely even post-pandemic. For employers, this presents certain opportunities to lower business costs, gain access to a more global workforce, and reduce their carbon footprint.

But as with any business model, with opportunity comes risk. As hybrid work becomes the new default, companies and leaders who want their business and employees to thrive in the future of work will need to understand and manage the following key risks.

Major risk 1: Cybersecurity risks

With accelerated digital transformation comes added cybersecurity risks. Phishing attacks and incidents of malware or ransomware reached new highs in 2020[2], with many cybercriminals seeking to steal data or disrupt critical supply chains. Beyond external threats, companies also need to watch out for internal security risks. Around one-third of employees seem to have picked up bad cybersecurity habits while working from home[3], whether it’s using their work devices for personal use, finding shortcuts and ‘workarounds’ to circumvent security protocols, or not reporting cybersecurity mistakes for fear of disciplinary action.

risks of hybrid work

To reduce security risks, leaders and HR teams need to deploy a balance of ‘hard’ and ‘soft’ measures. Beefing up cybersecurity using technology and process controls is only half the battle. The other is getting employees to actually comply with these processes and take ownership of their responsibility in safeguarding the company’s systems and data. The most effective way to do this is to commit to employee security training and build a strong security culture that encourages, incentivises, and prioritises secure behaviour.

Major risk 2: Fraud risks

Businesses also need to address the increasing risk of internal fraud. Employee fraud cases in the Asia-Pacific region have increased over the past year in the face of COVID-19 and remote work. Some of the more common examples include procurement fraud, cash theft, and falsification of expense claims[4]. KPMG[5] found that 72 percent of companies believe that the pandemic increased their risk of fraud, with 62 percent stating that their own employees were the biggest single source of fraud risk.

To move forward in a hybrid work future, HR leaders can help their companies mitigate fraud risks through pre-employment screening. As fraud is predominantly a people risk, a good way to manage it is to identify key risk factors in employees. This also highlights the importance of regularly rescreening existing employees. Personal circumstances can change over the course of an employee’s time with the company – debts may balloon, medical expenses may arise, or conflicts of interest may develop – so an employee’s risk profile is never stagnant.

Major risk 3: Culture risks

According to McKinsey[6], erosion of organisational culture and social cohesion is one of the key risks related to the hybrid work model. It’s understandable that with fewer in-person social events and interactions, establishing and maintaining a strong company culture is more challenging than ever. Negative consequences could include disengaged workers, a decline in creative thinking and collaboration, and difficulties with talent retention.

To prevent this, HR leaders can help drive engagement in a hybrid work model to boost morale and productivity. Where possible, prioritise in-person onboarding and meetings for projects that require extensive collaboration. And to mitigate future culture risks, HR teams could also consider conducting pre-employment assessments to check that a candidate’s personality and values are a good fit for the company.

Major risk 4: Health and safety risks

One of the biggest health risks for remote and hybrid workers is stress and burnout. As the lines between work, home, and leisure blur, employees are at risk of overworking themselves while juggling caregiving or other responsibilities at home. Another health risk is poor ergonomics resulting in long-term injury or fatigue, especially with issues related to back and eye health.

In addition, before the pandemic subsides, companies will also need to consider the health risks of having employees back in the office. It’s important that there are safe distancing and rigorous hygiene protocols in place, and for organisations to be fully aware of the most updated measures to take should an employee be found to be COVID-19-positive.

Companies can address these risks by acknowledging the need for employee mental healthcare, reminding employees to take regular screen breaks, and encouraging those who are eligible to get vaccinated before returning to the office.

Major risk 5: Process risks

Business processes have changed and will continue to evolve in the face of hybrid work. Internal controls and business continuity plans need to be reassessed and audited to ensure that operational and process risks are properly mapped out and mitigated. Furthermore, with increasing reliance on third-party service providers, including technology and business process outsourcing providers, businesses need to acknowledge that they need to strengthen their third-party risk management strategy.

One way to do so is to conduct more thorough research on existing and prospective third-party service providers before extending or entering into partnerships with them. This addresses one of the biggest stumbling blocks to risk management – visibility.

risks of hybrid work

The best risk management strategy in a hybrid work environment is proactive, not reactive

If hybrid work is here to stay, business leaders need to act now to secure their workplace of the future. While it’s important to have a clearly articulated plan in place, 68 percent of organisations do not yet have a detailed strategy in moving towards hybrid work[7].

The road to success is not about avoiding risk, but managing it in the best way possible. This often involves pre-empting problems rather than simply reacting to them. As business leaders look to embrace a long-term hybrid work model, they must focus on strengthening their security, preserving their company culture, supporting the health and safety of their employees, and continually revising their approach to third-party risk management.


  1. Rainer Strack, Orsolya Kovács-Ondrejkovic, Jens Baier, Pierre Antebi, Kate Kavanagh, and Ana López Gobernado. (2021). Decoding global ways of working. Boston Consulting Group.
  2. Chuck Brooks. (2021, March 2). Alarming cybersecurity stats: what you need to know for 2021. Forbes.——-what-you-need-to-know-for-2021
  3. Alicia Hope. (2021, June 21). Bad employee behaviors picked up during remote working pose serious security risks in the new hybrid workplace. CPO Magazine.
  4. Ines Liu. (2021, August 26). Business risk management in Vietnam in the era of COVID-19. Vietnam Briefing.
  5. KPMG. (2021, March 22). Fraud risk to rise, despite move away from remote working.
  6. Marino Mugayar-Baldocchi, Bill Schaninger, and Bill Schaninger. (2021, July 19). The future of work: Managing three risks of the hybrid workplace. McKinsey Organization Blog.
  7. Andrea Alexander, Rich Cracknell, Aaron De Smet, Meredith Langstaff, Mihir Mysore, and Dan Ravid. (2021, May 17). What executives are saying about the future of hybrid work. McKinsey & Company: Insights on Organization.