Connect with us

Hi, what are you looking for?

Business

Great Resignation and the cybersecurity risks that followed

During the Great Resignation, insider threats throughout the offboarding process have become a huge topic of concern for IT leaders.

Computer
Photo: Philipp Katzenberger via unsplash.com
Photo: Philipp Katzenberger via unsplash.com

In the world of work, record numbers of workers quit their jobs amid the Great Resignation (albeit not quite to the heights initially reported). Bubbling below the surface, this posed a cybersecurity risk in the form of insider threats. The cause of this was the offboarding process.

The erratic nature of offboarding, disrupted by the pandemic and the high numbers of employees electing to leave their employment around the same time,  evolved into a topic of concern for IT leaders.

An insider threat is the threat that a direct employee or a contractor has to use his or her authorized access, wittingly or unwittingly, to do harm to an organization’s mission, resources, personnel, facilities, information, equipment, networks, or systems.

Drawing the two events together, the high numbers of resignations carried the potential to pose a mix of malicious and accidental insider threats. Examples included the deliberate, like data theft from disgruntled employees, and fraud as a result of privileged access; to the more accidental, like privacy abuses and leaking of sensitive data. This was elucidated by Forrester principal analyst Heidi Shey in a recent review.

This issue has been picked up by Keith Neilson, Technical Evangelist at CloudSphere.

Neilson tells Digital Journal: “With both cyberattacks and internal cyber threats on the rise, these events serve as a reminder for organizations to ensure that only the right personnel have access to the right data.”

Complexity is making this more tricky, explains Neilson: “Given the multi-layer implications between data, assets, applications and users, identity management should begin with developing an agile cyber asset management approach.”

As an example, Neilson draw on: “When a security breach occurs, it is often due to a lack of full visibility into company cyber assets and connections across business services. To properly secure all company data, enterprises should begin by discovering all cyber assets within their IT environment to establish clear, real-time visibility of the attack surface.”

However, the process can improve, and risks can be lowered, as Neilson explains: “Once all cyber assets are accounted for, companies can effectively manage access and enforce security guardrails.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Social Media

Online privacy campaigners said they had filed complaints in several European countries against six Chinese companies including TikTok.

Social Media

French researchers have developed an application to help users migrate their whole online community from Elon Musk's X to rival social platforms.

World

The United States's second-largest city has never faced a blaze of this scale, driven by an extreme autumn drought and fierce Santa Ana winds.

Business

Like Brexit, Amexit doesn’t need to happen. Any guesses what will happen?