Threats

New Insider Threats in the Era of the Great Resignation

The Covid-19 pandemic saw the beginning of the great resignation. From March through September of 2020, an estimated 4.5% of the U.S. workforce quit their jobs, according to the Bureau of Labor Statistics—the highest level since the bureau began tracking quit rates in 2000. The rate has since declined but remains elevated, even as the overall unemployment rate has dropped.

In recent years, we've seen a rise in malicious insiders - employees who use their trusted position and access to company data to harm their employer. The Great Resignation of 2017 was a perfect example of how an insider threat can exploit vulnerabilities in an organization.

With great resignation comes great insider threats

According to the Cyber and Infrastructure Security Agency, an insider threat occurs when a company insider uses their authorized access, wittingly or unwittingly, to harm the department’s mission, resources, personnel, facilities, information, equipment, networks, or systems. 

The recent resignations of employees mean that there is a potential for the disclosure or sale of business-critical information to rivals or hackers, either through negligence or intentionally. According to a recent survey, 71% of IT leaders agreed that security risks have increased with the great resignation. Data exfiltration, or employees taking data with them when they leave the company, is one of the major causes of growing insider threats. 

Protecting your business against insider threats

A survey found over 55% of employees – who shared company data against the rules – claimed their employers did not provide them with tools to share sensitive data securely.

Security policies and practices are vital for any organization, but they're especially important when it comes to insider threats. Here are some steps that IT security teams can take:

  • Build a robust background check process: A robust background check process is crucial to safeguarding business-critical data. Background checks for full-time employees and contractors or vendors can help the company onboard trustworthy people. If an organization lacks the resources and tools to do a background check, it can hire third parties to carry out the verification process. 

  • Making security training a priority during employee onboarding: New employees often lack the requisite skills or training to gel with security best practices seamlessly. Security training during onboarding is critical to help them learn new security protocols and adjust to the new environment. The IT teams must follow the least-privilege principle with new employees while giving them access to resources needed to carry out their duties. 

  • Ensuring continuous mandatory training for all employees: Security threats have evolved with every advancement in technology. Against this backdrop, any organization that does not invest in its employees' continuous upskilling and training invites trouble. Security training should not be a one-time activity. Security training helps employees understand the importance of their actions. It drives home the point on security threats, reiterates the necessity of maintaining the confidentiality of company data, and warns them of the penal or punitive actions that intentional or unintentional data exfiltration could invite. Organizations can automate security training sessions to manage continuous training across all teams. While most employees scowl at mandatory training, gamifying security sessions can be an excellent motivator for ensuring employees do not treat it as a mere tick box.

  • Establish stringent Bring Your Own Device (BYOD) policies: The percolation of the remote work culture has resulted in people using their devices to get official work done. While a convenient feature, using personal devices is replete with pitfalls. IT departments may not extend the same security standards to personal devices compared to company-issued equipment. Further, using personal devices increases the security touchpoints, which hackers could exploit to breach the organization's perimeter. The chances of employees storing critical information on their systems spike, resulting in increased opportunities for data exfiltration. Companies must create strict standards and rules for BYOD to ensure all employees adhere to the security norms to maintain data sanctity. Ensure outgoing employees hand over data to the company before exiting. 

  • Ensuring security policies are implemented while off-boarding: An employee about to leave will most likely take data security less seriously. The chances of such employees taking company data along with them are also high. Last year, Pfizer alleged

    that a former employee exfiltrated data related to Covid vaccine trade secrets when they left the company. In another case, Qualcomm reported that a long-term employee exfiltrated confidential data and propriety information to their accounts before leaving for a new job. IT departments must identify and monitor high-risk groups to prevent such scenarios. They must put in place policies for employees about to leave. 

Conclusion

According to a report, insider threats caused a financial burden of around $11.45 million in just two years. Negligent employees generated a whopping 62% of the attacks, and the remaining (23% & 14%) were caused due to criminals and insiders. Data security is crucial for any organization. The increasing cases of data breaches have forced organizations to sit up and take notice of their vulnerabilities.

With the high turnover rate in many places of business, insider threats need to be monitored constantly. The points discussed in this article will help you implement the necessary security protocols to keep your data safe from insider threats.

Featured Posts

See All

October 24 - Blog

Packetlabs at SecTor 2024

Packetlabs is thrilled to have been a part of SecTor 2024. Learn more about our top takeaway's from this year's Black Hat event.

September 27 - Blog

What is InfoStealer Malware and How Does It Work?

InfoStealer malware plays a key role in many cyber attacks, enabling extortion and lateral movement via stolen credentials. Learn the fundamentals about InfoStealers in this article.

September 26 - Blog

Blackwood APT Uses AiTM Attacks to Target Software Updates

Blackwood APT uses AiTM attacks that are set to target software updates. Is your organization prepared? Learn more in today's blog.