Great Resignation and the cybersecurity risks that followed
Photo: Philipp Katzenberger via unsplash.com
In the world of work, record numbers of workers quit their jobs amid the Great Resignation (albeit not quite to the heights initially reported). Bubbling below the surface, this posed a cybersecurity risk in the form of insider threats. The cause of this was the offboarding process.
The erratic nature of offboarding, disrupted by the pandemic and the high numbers of employees electing to leave their employment around the same time, evolved into a topic of concern for IT leaders.
An insider threat is the threat that a direct employee or a contractor has to use his or her authorized access, wittingly or unwittingly, to do harm to an organization’s mission, resources, personnel, facilities, information, equipment, networks, or systems.
Drawing the two events together, the high numbers of resignations carried the potential to pose a mix of malicious and accidental insider threats. Examples included the deliberate, like data theft from disgruntled employees, and fraud as a result of privileged access; to the more accidental, like privacy abuses and leaking of sensitive data. This was elucidated by Forrester principal analyst Heidi Shey in a recent review.
This issue has been picked up by Keith Neilson, Technical Evangelist at CloudSphere.
Neilson tells Digital Journal: “With both cyberattacks and internal cyber threats on the rise, these events serve as a reminder for organizations to ensure that only the right personnel have access to the right data.”
Complexity is making this more tricky, explains Neilson: “Given the multi-layer implications between data, assets, applications and users, identity management should begin with developing an agile cyber asset management approach.”
As an example, Neilson draw on: “When a security breach occurs, it is often due to a lack of full visibility into company cyber assets and connections across business services. To properly secure all company data, enterprises should begin by discovering all cyber assets within their IT environment to establish clear, real-time visibility of the attack surface.”
However, the process can improve, and risks can be lowered, as Neilson explains: “Once all cyber assets are accounted for, companies can effectively manage access and enforce security guardrails.”
Gloss