A well-implemented operational security program should include procedures for securely managing hybrid/remote work environments, which inherently carry different risks than traditional office settings.
The statement is correct because operational security must adapt to the evolving business practices, including hybrid/remote work environments. These scenarios bring unique challenges such as securing remote access, protecting data on personal devices, and ensuring secure online communications. Traditional operational security measures might not fully address these concerns, necessitating specific procedures and policies tailored to these environments.