Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
Insider cyberthreats are always an issue during layoffs -- but with record numbers of home-office workers heading for the unemployment line, it has never been harder to maintain cybersecurity during offboarding.
Business disruption and the financial toll brought on by the COVID-19 has forced many companies, large and small, to let go of staff. In fact, more than 40 million Americans have filed for unemployment in the past 10 weeks, with cuts hitting major companies including Boeing, IBM, and United Airlines.
While layoffs are never an easy scenario to deal with at any time, how well they are handled varies greatly, says Niamh Muldoon, senior director of trust and security EMEA with OneLogin.
"Early in my career, I worked on a case where a layoff process went horribly wrong and resulted in huge financial loss for the company along with a huge investigation, e-discovery, and a legal case," Muldoon says. "So, I urge organizations to invest time into properly planning for this unfortunate situation."
That includes the potential repercussions if a laid-off employee decides to retaliate and walk away with private corporate intellectual property (IP) or other sensitive data. And that's not unusual: According to a recent report on 2,000 US and UK employees from email security firm Tessian, more than one-third admitted taking company documents with them when they left a job. The data also revealed US employees are almost twice as likely to download, save, or exfiltrate work-related documents before leaving or after being dismissed from a job.
How can security managers ensure data doesn't walk out the door with a departing employee? Here are 10 recommendations to keep the layoff process secure.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024