How Volatility in the Job Market Exacerbates the Insider Threat Risk
The post-COVID jobs market has been turbulent – and then some. And analysts have looked at this turbulence, most recently demonstrated by mass layoffs across the technology sector, from the point of view of business continuity.
But corporate security risk has also risen because of the reshuffling. What’s going on?
Mass layoffs create security threat from disgruntled ex-employees
The most obvious and relevant challenge to corporate security is a lack of qualified security professionals, either from attrition or turnover in the security ranks.
This era of mass layoffs is raising another corporate security concern, too. And that’s the threat posed by disgruntled former employees.
When interviewed, US KPMG lead, Kyle Kappel acknowledged that mass layoffs could precipitate insider-threat incidents: “Insider threat risk includes theft of sensitive data, embezzlement, sabotage of critical systems, creation of backdoors into corporate environments or even causing reputational harm.”
But how many insider threat incidents, including transferring protected data to personal accounts, transporting property to a competitor, or exploiting inside knowledge of employees to access privileged information, have been perpetrated by disgruntled ex-employees? According to some analyses, as many as 75 per cent of such incidents involve disgruntled ex-employees.
Common-sense measures to address the insider threat risk
That’s staggering. And so, the question becomes, what can be done to address the insider threat risk?
Well, given the high proportion of insider incidents perpetrated by disgruntled ex-employees, businesses need to act fast. One measure they might take to control the threat posed by disgruntled ex-insiders is expeditiously removing access to systems and applications during offboarding.
While that might seem like a no-brainer, employers, as security experts note, often overlook removing access to third-party applications, thereby creating for themselves a security blind-spot.
Indeed, the number of third-party applications active employees have access to is prodigious. It’s still incumbent on security teams, however, to get a handle on employee access privileges to these third-party apps.
The same goes for the threat posed by physical access to resources and equipment. Which often gets overlooked, as well. As international information security management system standard, ISO 27001 points out, all security assets exist in space and time. That makes auditing equipment as it’s returned an important physical security control to implement to minimize the risks of physical attacks.
Further insider threat mitigations
Of course, even all of those measures might not be sufficient if a disgruntled former employee is sufficiently motivated.
Mitigating the data breach threat specifically that such an employee might pose will also entail better monitoring and controlling data access. Here, organizations should pursue initiatives, such as monitoring user activity and access to resources in real time, through the auspices of established insider threat programs.
To be efficacious, though, these programs require integrated security management software platforms to get up and running efficiently. Such platforms leverage powerful workflows to control and automate management processes and standard operating procedures, as well as keep the right stakeholders informed across multiple communications mediums.
What other digital capabilities come in handy to address the insider threat? Download our Security Management Software Buyer’s Guide to find out.