Business and work is returning ot normal as employees begin communiting back to the office. Organizations are setting policy and boundaries about masks, vacinations, and how much employees may work remote. Security teams are dealing with more than just returning employees. My may bring in new and home devices uses as part of the work space, applications provisioned outside of IT processes, and unauthorized, questionable or at least unknown software installed by staff. Remote computers are also suspect for malware, ransomware, and personal email inboxed with unfettered ransomware spearfishing. Are cybersecurity teams prepared or merely going to enforce hardline policies once assumed all staff would comply with?