It has been a tough year for information security teams. COVID-19 has completely redefined the cyber threat landscape and added brand new levels of complexity to an already demanding discipline. Organisations have had to rapidly adopt new technologies to enable remote working and scale-up digital touch points with customers. This has, at times, punched holes in their security fabric, all in the name of business continuity. What's more, a ‘move first, plan later’ approach has collected security debt in the last 18 months that needs addressing now. The rise of remote working also moved people and devices outside of the security perimeter, leaving them reliant on consumer-grade networks and equipment which will never measure up to pre-pandemic corporate security expectations. At the same time, employees have had to share their workspace with families or flatmates. Many have even been forced to share devices as social needs such as homeschooling became.