Hybrid work has fundamentally altered the way businesses operate. Over the last few years, collaboration platforms such as Microsoft Teams and Zoom have become essential infrastructure for everyday communication, enabling employees to work across offices, homes, and remote locations. While this flexibility has improved productivity and employee satisfaction, it has also created new challenges for IT and security leaders tasked with protecting increasingly distributed environments.
In this discussion, Kristian speaks with Darren Anstee, Chief Technology Officer for Security at NetScout about why securing unified communications infrastructure has become such a pressing issue. Drawing on his experience monitoring the evolving threat landscape, Anstee explains how attackers are now targeting the systems that keep businesses connected, recognizing that disruption to collaboration can quickly become disruption to the organization itself.
As Anstee explains early in the discussion, businesses have realized the operational value of collaboration in a post-pandemic world. βHaving everyone work together and having teams communicate across the organization can be very valuable in terms of productivity,β he says. However, attackers have recognized this value too. The same tools that enable agility and flexibility also represent attractive targets for cybercriminals looking to interrupt operations or create widespread disruption.
The Growing Risks Facing Hybrid Environments
One of the key themes explored throughout the conversation is the complexity that hybrid work introduces from a security perspective. In a traditional office environment, infrastructure is largely centralized and controlled by corporate IT teams. In hybrid environments, employees are spread across homes, shared workspaces, and branch offices, often relying on networks and devices that businesses cannot fully manage or monitor.
Anstee highlights how this makes identifying the source of problems significantly more difficult during a cyber incident. If collaboration tools suddenly stop working, organizations may struggle to determine whether the issue is caused by a cyberattack, an internet outage, a local ISP problem, or another operational failure entirely. βThe first issue here is that it can be quite difficult to figure out where the problem actually is,β he explains.
The discussion also explores how investigations become more complicated after an incident occurs. Security teams often rely on logs, packet traces, and monitoring data to understand the scope of an attack and determine regulatory or operational impact. In highly distributed environments, gathering this information can become a major challenge. Employees may be operating on unmanaged networks, using different internet providers, or accessing systems from locations outside corporate visibility.
Another major issue raised is the increasing focus attackers place on collaboration infrastructure itself. Rather than directly targeting revenue-generating applications, attackers are now looking for weaker secondary systems that can still cause significant disruption. According to Anstee, firewalls protecting office connectivity have become especially attractive targets because disabling them can effectively cut entire groups of employees off from collaboration tools and cloud services.
He points specifically to distributed denial-of-service attacks, commonly known as DDoS attacks, as a growing concern. These attacks aim to overwhelm infrastructure with traffic until systems can no longer function normally. βIf you exhaust the state in a firewall, new sessions canβt be established and everybody behind that firewall loses connectivity,β Anstee says. In a hybrid workplace, where communication platforms underpin day-to-day business activity, even short periods of downtime can create widespread operational disruption.
Building Resilience Into UC Infrastructure
While the challenges are significant, the conversation also focuses heavily on practical ways organizations can strengthen resilience across their communication environments. For Anstee, the first priority is clear: protecting internet-facing firewalls and connectivity infrastructure must become a central part of security strategy.
βThe big one is defend the firewalls,β he says. Since collaboration tools rely heavily on continuous connectivity, organizations need to ensure the infrastructure supporting remote and office-based workers can withstand attacks designed to overwhelm or disable it. This includes implementing mitigation technologies capable of stopping DDoS attacks before they affect business operations.
Beyond technical defenses, Anstee also stresses the importance of policy. Many organizations already have rules governing remote work, but he argues these policies must account for the practical realities employees face outside the office. If businesses create overly restrictive environments, workers may bypass official processes in ways that introduce additional risk.
For example, organizations should provide approved methods for offline backups, printing, and secure connectivity so employees are not tempted to use personal tools or insecure workarounds. βMake sure youβve got offline backup mechanisms that are corporate approved,β Anstee advises. βMake sure youβve got printing capabilities that are corporate approved so that people donβt try and work around the policies.β
Another important point raised during the discussion is consistency. Businesses need clear guidance around hybrid working patterns, collaboration expectations, and infrastructure usage to ensure teams can operate effectively regardless of location. Hybrid work is no longer a temporary arrangement for many organizations, meaning resilience planning must treat distributed collaboration as a permanent operational requirement.
Security and Collaboration Are Now Closely Linked
The conversation ultimately reinforces how closely connected cybersecurity and collaboration have become in modern workplaces. Communication platforms are no longer simply productivity tools. They are critical business infrastructure that supports decision-making, teamwork, customer engagement, and day-to-day operations.
As businesses continue balancing flexibility, productivity, and employee expectations, hybrid work will likely remain a defining feature of the enterprise landscape. However, the more organizations rely on distributed collaboration, the more important resilience becomes. Cyber incidents that disrupt communication systems can now affect the entire organizationβs ability to function.
Ansteeβs insights underline the need for businesses to rethink how they approach security in hybrid environments. Traditional assumptions about centralized infrastructure no longer apply in many cases, and attackers are increasingly exploiting the complexity that distributed work introduces.
At the same time, the discussion offers a pragmatic reminder that resilience is achievable through a combination of stronger technical protections, clearer policies, and realistic support for remote employees. Organizations that successfully secure their collaboration environments will be better positioned to maintain productivity and continuity even when incidents occur.
As hybrid work evolves, securing unified communications infrastructure is becoming less about protecting a single platform and more about protecting the operational fabric of the business itself.