Close this search box.

Recent Tech Layoffs Sharply Increase Insider Cybersecurity Threat

Avatar photo
Bill Bowman

Video Overview

As Layoffs Abound, HR and IT Teams Must Collaborate to Deter Insider Cyber Threats

Airiam, a managed IT and cybersecurity company with a strong focus on cyber resilience, today revealed an increased risk of insider cybersecurity breaches due to tens of thousands of recent layoffs in the technology sector. As part of Airiam’s ongoing commitment to SMEs’ IT and cybersecurity needs, Airiam provides insight to help professionals better understand key ‘at risk’ areas so they can make sound cyber resilience decisions.

“The human factor is often the weakest link when it comes to cybersecurity, and corporate layoffs can bring out raw emotions, anger, frustration and a desire to lash out,” said Conor Quinlan, CEO of Airiam. “Ensure your organization offers employee awareness and training programs that formalize and enforce cybersecurity best practices.”

According to research from The Ponemon Institute, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million. The number only continues to grow due in large part to massive tech company layoffs, which topped 120,000 in 2022.

“With companies large and small having to make the unfortunate decision to lay off employees, there are more and more people facing uncertainty. If they haven’t been included in prior layoffs, they’re wondering if they’re next,” said Art Ocain, Airiam’s CIO. “When they get a call from an attacker who offers them six figures for their credentials so they can hack into the system, it could potentially be an opportunity too tempting to pass up.”

What can companies do to mitigate this risk? Many companies have significant external barriers to prevent security breaches. But there are many things that should be done to reduce the threat of current and ex-employees. Best practices include deactivating devices remotely, changing of system passwords, deletion of accounts, and revoking access to both physical and online spaces. However, even the best cybersecurity efforts are easily thwarted if a disgruntled employee lets an attacker into the system.

“It actually goes beyond technology, and it’s essential for companies to work with HR and to be really diligent about their employee satisfaction awareness,” said Ocain. “Cultural misalignment is a huge risk to corporations. If someone feels proud of their work and secure in their position, it is less likely they would break the law for fast money and ultimately lead to a company being impacted by an insider attack.”

Techniques to Stop Insiders and Ex-Employees

In addition to HR considerations, it is essential to implement steps to help mitigate the risk of insider threat from data exfiltration – unauthorized copying, transfer, or retrieval of data from either a server or an individual’s computer.

  • 24/7 System Monitoring: Continuous monitoring protects systems and allows for data breaches to be detected quickly. Watch for downloads to insecure devices, uploads to external services, insecure and unusual cloud behavior, behaviors outside of compliance with security policies and files being changed or redacted.
  • Privileged Access Management: By implementing strict controls over who has access to specific data through the use of password-protection, MFA and access permissions, it is easier to keep sensitive data safe and ensure only those who need access can have access to data and systems.
  • Email Filtering: Email filtering services check all incoming and outgoing emails for spam, malware, and suspicious links and then organize these messages into respective categories and folders.
  • Employee training: Companies are only as strong as their weakest link. In addition to HR training for better job satisfaction, ensure employees are trained on best practices for safe email use. Insist on strong passwords that change regularly, and encourage team members to share any concerns and report suspicious activity.
  • Immutable Backups: Even with every security precaution in place, breaches still happen. Having an immutable backup, an unchangeable backup that can’t be modified, deleted, or encrypted, allows your team to get business running again.  Keeping immutable backups of your critical business data ensures hackers can’t irrevocably steal or destroy your data—regardless of ransomware or successful breaches. For example, most businesses follow a 3-2-1 backup rule: 3 copies of the data, 2 different media types used, and 1 copy stored off site.

When HR and IT can work collaboratively, they help reduce the risk of the growing threat from insider attacks.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

2024 Cyber Resolutions

New Year New Cyber Resolutions As we step into the 2024, we start setting resolutions for personal growth and well-being, as we do every year. However, this year, let’s broaden our commitment beyond just personal goals. Drawing parallels between indivi
Vivian Lee
>>Read More

Resilience – Airiam Cybersecurity Webinar

Topics From patches to passwords, vulnerabilities to who is vulnerable, listen in to Jason Rebholz (Corvus Insurance), Conor Quinlan (Airiam), and Art Ocain (Airiam) talk about how companies can best protect themselves. October is Cybersecurity Awarene
Avatar photo
Bill Bowman
>>Read More

6 Steps to Fix Your Computer’s Virus Infection

Cleaning Your Viruses in 6 Sort-of-Easy Steps Some of our clients are the “DO IT YOURSELF” type so we thought we would try to spell out some basic steps to help you fix a virus on your own. Note: this won’t work for severe infections that require lots
Avatar photo
Anthony Lewis
>>Read More