Recent Tech Layoffs Sharply Increase Insider Cybersecurity Threat

Avatar photo
Bill Bowman

As Layoffs Abound, HR and IT Teams Must Collaborate to Deter Insider Cyber Threats

Airiam, a managed IT and cybersecurity company with a strong focus on cyber resilience, today revealed an increased risk of insider cybersecurity breaches due to tens of thousands of recent layoffs in the technology sector. As part of Airiam’s ongoing commitment to SMEs’ IT and cybersecurity needs, Airiam provides insight to help professionals better understand key ‘at risk’ areas so they can make sound cyber resilience decisions.

“The human factor is often the weakest link when it comes to cybersecurity, and corporate layoffs can bring out raw emotions, anger, frustration and a desire to lash out,” said Conor Quinlan, CEO of Airiam. “Ensure your organization offers employee awareness and training programs that formalize and enforce cybersecurity best practices.”

According to research from The Ponemon Institute, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million. The number only continues to grow due in large part to massive tech company layoffs, which topped 120,000 in 2022.

“With companies large and small having to make the unfortunate decision to lay off employees, there are more and more people facing uncertainty. If they haven’t been included in prior layoffs, they’re wondering if they’re next,” said Art Ocain, Airiam’s CIO. “When they get a call from an attacker who offers them six figures for their credentials so they can hack into the system, it could potentially be an opportunity too tempting to pass up.”

What can companies do to mitigate this risk? Many companies have significant external barriers to prevent security breaches. But there are many things that should be done to reduce the threat of current and ex-employees. Best practices include deactivating devices remotely, changing of system passwords, deletion of accounts, and revoking access to both physical and online spaces. However, even the best cybersecurity efforts are easily thwarted if a disgruntled employee lets an attacker into the system.

“It actually goes beyond technology, and it’s essential for companies to work with HR and to be really diligent about their employee satisfaction awareness,” said Ocain. “Cultural misalignment is a huge risk to corporations. If someone feels proud of their work and secure in their position, it is less likely they would break the law for fast money and ultimately lead to a company being impacted by an insider attack.”

Video Overview

Techniques to Stop Insiders and Ex-Employees

In addition to HR considerations, it is essential to implement steps to help mitigate the risk of insider threat from data exfiltration – unauthorized copying, transfer, or retrieval of data from either a server or an individual’s computer.

  • 24/7 System Monitoring: Continuous monitoring protects systems and allows for data breaches to be detected quickly. Watch for downloads to insecure devices, uploads to external services, insecure and unusual cloud behavior, behaviors outside of compliance with security policies and files being changed or redacted.
  • Privileged Access Management: By implementing strict controls over who has access to specific data through the use of password-protection, MFA and access permissions, it is easier to keep sensitive data safe and ensure only those who need access can have access to data and systems.
  • Email Filtering: Email filtering services check all incoming and outgoing emails for spam, malware, and suspicious links and then organize these messages into respective categories and folders.
  • Employee training: Companies are only as strong as their weakest link. In addition to HR training for better job satisfaction, ensure employees are trained on best practices for safe email use. Insist on strong passwords that change regularly, and encourage team members to share any concerns and report suspicious activity.
  • Immutable Backups: Even with every security precaution in place, breaches still happen. Having an immutable backup, an unchangeable backup that can’t be modified, deleted, or encrypted, allows your team to get business running again.  Keeping immutable backups of your critical business data ensures hackers can’t irrevocably steal or destroy your data—regardless of ransomware or successful breaches. For example, most businesses follow a 3-2-1 backup rule: 3 copies of the data, 2 different media types used, and 1 copy stored off site.

When HR and IT can work collaboratively, they help reduce the risk of the growing threat from insider attacks.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

Why Data Backups Are Important (And How to Do Them Right)

Most businesses know data backups are important, but they still treat them as an afterthought. However, backups aren’t just important—they’re essential.  Losing your system data isn’t just an annoyance or a setback. It could break your business overnig
Jesse Sumrak
>>Read More

Google Emergency Chrome Security Update

Google has released an emergency Chrome security update for Windows, Mac and Linux to address a high severity zero-day vulnerability that is now being actively exploited. The emergency Chrome update to version 99.0.4844.84 contains a single security fi
Jess Watters
Jessica Watters
>>Read More

Customer Success Story: Union-Snyder Community Action Agency

Airiam Supporting Those Who Help When people in Union and Snyder Counties need a hand, they often turn to the Union-Snyder Community Action Agency (Union-Snyder CAA). The mission of the agency is to reduce poverty in Union and Snyder Counties through s
Avatar photo
Bill Bowman
>>Read More