The global shift to remote work during the COVID-19 pandemic forced organisations and their employees to rapidly adapt their operations, technologies, and workforce practices. For many people, working from home became not just a temporary solution, but the new normal. Employees restructured their lives around remote work and, in many cases, businesses saw increased productivity, improved work-life balance, and expanded access to talent.
However, the landscape is shifting again. A growing number of companies are now implementing return-to-office (RTO) policies, requiring employees to return to controlled work environments, either full-time or in hybrid arrangements. While this move is often framed as necessary for productivity, collaboration, and culture, there is another key reason driving the return to a controlled environment that deserves more attention: security. From a protective security standpoint, bringing people back to controlled environments can strengthen an organisation’s ability to safeguard systems, data, critical assets, and other people.
Yet, this transition is not without risk. For many employees, mandatory return-to-office directives represent not just a logistical change and costs in time and travel, but a psychological breach – a violation of the unspoken social contract they believed existed with their employer. This can lead to frustration, disengagement, and, in some cases, an increased risk of insider threat behaviour.
When the psychological contract breaks
Beyond formal employment agreements, there exists an invisible and deeply personal psychological contract, also known as quid pro quo, the belief that an employee’s effort and loyalty will be reciprocated with trust, flexibility, and respect. During the pandemic, this contract evolved. Many employees proved they could deliver results while working remotely – and in return, they came to expect ongoing flexibility as part of the new norm. They saw working from home as a benefit. When organisations now mandate a return to office, often abruptly and without clear justification, it can feel like a breach of that psychological contract between employer and employee. When this contract is perceived to be broken, trust erodes, and employees may experience feelings of disgruntlement, resentment, or demotivation.
In extreme cases, this sense of injustice can fuel behavioural change – from ‘quiet quitting’ to open resistance, and in rarer but serious instances to intentional policy violations or security-compromising acts. There have already been several legal disputes in Australia, the US, and the UK where employees challenged RTO directives on the grounds of changed contractual expectations or constructive dismissal, demonstrating a growing willingness to escalate the issue for formal adjudication. The Victorian State Government, in August 2025, is considering legislation that would enshrine remote work arrangements, including a right to work from home two days per week, for both public and private sector employees.
Disgruntlement and insider threats: A dangerous combination
Disgruntlement occurs when employees feel unfairly treated, undervalued, or dismissed. The decision to force a return to office can trigger this reaction, especially if it is handled poorly. Common drivers include:
- Perceived unfairness: Remote work was successful, so why the sudden change?
- Loss of autonomy: Employees feel their needs and preferences are ignored.
- Lifestyle disruption: Families reorganised around remote work. RTO often undoes years of personal restructuring.
- Lack of transparency: If the rationale for RTO is unclear or inconsistent, distrust can fester.
- Perceived breach of trust: The return may be viewed not as a business need, but as a power move.
These stressors do not automatically lead to insider threat behaviour, but they weaken the internal safeguards – commitment, loyalty, and trust – that normally prevent it.
Insider threats range from accidental data leaks to deliberate acts of sabotage, fraud, or intellectual property theft. In organisations already managing sensitive assets or critical infrastructure, this risk cannot be ignored.
The real reasons behind return-to-office mandates
While security is a valid reason to encourage RTO, it is rarely the only one. Other commonly cited reasons include:
- Reinforcing culture through physical presence
- Improving collaboration and innovation
- Increasing manager oversight
- Justifying investment in office space
- Promoting informal learning and mentorship
- Boosting morale and reconnecting teams
- Testing loyalty and weeding out the disengaged
- Using RTO as a cost-saving attrition strategy
- Reverting to old norms because hybrid never felt permanent
Yet, many of these reasons are based on assumption, tradition, or optics rather than evidence. And when they are used to justify sweeping mandates, they can be perceived as disingenuous or arbitrary, heightening employee resentment.
Security as a primary driver, and a justifiable one
From a security standpoint, returning to controlled office environments offers tangible benefits:
- Stronger access controls to physical and digital assets
- Improved protective monitoring to detect insider threat indicators
- Reduced cyber risk from unsecured home networks or personal devices
- Enhanced protection of operationally critical functions and data
- Better integration of new hires into security culture
These factors are especially relevant for organisations covered by national security obligations, including Australia’s Security of Critical Infrastructure Act 2018. In such environments, working from a controlled environment is not just a preference, it is a matter of regulatory and operational risk management.
Many organisations mitigate this risk through a structured Insider Threat Program. Such programs integrate people, processes, and technology to detect, deter, and respond to behavioural indicators of risk, especially during periods of disruption or change. A mature Insider Threat Program is not about surveillance; it is about creating a workplace where employees feel supported, concerns are addressed early, and potential threats are identified and managed before they escalate which benefits both the person and the organisation.
What organisations can do
So how can organisations manage the security implications of this return, while maintaining trust?
Rebuild the psychological contract – intentionally
Organisations should recognise that trust, once broken, cannot be repaired through policy alone. Rebuilding the psychological contract requires consistent, visible actions:
- Communicate the “why” behind return-to-office decisions: clearly, early, and empathetically, particularly if these decisions relate to risk, security, or continuity.
- Acknowledge past flexibility and performance: during remote work. Validating effort helps preserve dignity and loyalty.
- Lead by example: executives and senior managers should model presence, engagement, and openness to feedback.
Invest in targeted education and training
Education is not just a compliance exercise, it is a critical mechanism for building awareness, alignment, and shared responsibility. Organisations should:
- Provide education on insider threat awareness, particularly during periods of change.
- Educate managers on identifying and responding to early behavioural warning signs, without stigmatising or overreacting.
- Equip teams with skills in adaptive communication, conflict resolution, and collaboration, especially in hybrid or restructured environments.
Strengthen the role of reporting
A robust reporting culture can reduce insider threat risk and increase overall organisational resilience. Key steps include:
- Promoting clear reporting channels, including anonymous options where possible.
- Normalising early intervention, making it acceptable (and encouraged) to raise concerns about colleagues’ behaviours before issues escalate.
- Protecting reporters from retaliation and demonstrating this protection through visible action and follow-up.
- Closing the loop whenever possible, share outcomes or changes that resulted from reports, to build trust in the process.
Support managers to lead through transition
Middle managers are often underprepared for the emotional and behavioural dynamics that arise during major shifts. Organisations should:
- Train managers to spot signs of disengagement and burnout, and to hold check-in conversations that go beyond performance metrics.
- Ensure alignment across management tiers, so that messaging about RTO is consistent, fair, and not arbitrarily varied between departments.
- Empower managers to tailor support, especially for individuals navigating personal or family challenges related to work location changes.
Together, these strategies send a clear message: that leadership is listening, security is everyone’s responsibility, and the transition back to the office is not about control, but about strengthening connection, purpose, and collective resilience. A thoughtful, people-focused approach reduces not only disengagement but also the conditions in which insider threats take root.
What employees can do
Employees are not powerless in the face of organisational change. They can take constructive steps to protect their own wellbeing while contributing to a safer, more secure collaborative workplace:
- Engage constructively: raise concerns respectfully, contribute to solution-focused conversations, and remain curious about the bigger picture.
- Look after your own mental health and stress levels: especially if the transition triggers anxiety or uncertainty.
- Support colleagues: check in on teammates and foster a sense of peer accountability.
- Be alert to behavioural shifts: including your own. If you feel unusually demotivated, frustrated, or reactive, seek support early.
- Participate in education opportunities: whether formal education or informal sessions to better understand your organisation’s direction and your role within it.
- Use reporting channels appropriately: when concerns arise that may affect people or the organisation, speak up.
By actively engaging with the transition, employees can help shape a workplace that is not only more secure but also more equitable and collaborative. Rebuilding trust is a shared effort and small actions, taken consistently, can have a significant impact on culture, wellbeing, and organisational success.
Final thoughts: A strategic return, not a tactical retreat
The decision to return to the office is not inherently good or bad. But how it is handled and whether it is grounded in trust, purpose, and security, will define its success.
Organisations must remember that culture is not created by policy, and security is not ensured by proximity alone. Trust is the linchpin of both. And when trust is broken, whether through unclear decisions, ignored feedback, or perceived breaches of fairness, it opens the door to disengagement and risk.
By acknowledging human risk, respecting the psychological contract, and investing in a structured Insider Threat Program supported by proactive leadership, education, and reporting mechanisms, organisations can create a workplace culture that is both resilient and secure, even in the face of operational upheaval.
It is not about forcing people back to their desks. It is about building a resilient workforce – one that protects what matters most, together.
