THE GARTNER MARKET GUIDE FOR INSIDER RISK MANAGEMENT SOLUTIONS Download your copy now.

WORKFORCE CYBER
INTELLIGENCE AND SECURITY

BLOG

A Human-centric Approach to Operational Awareness and Risk Management.

Insider Threats in an Unstable Economy: DTEX i3 Team Data

This year has been a turbulent one for employers and employees alike. We rang in 2022 amid The Great Resignation—a time when employees across the world reevaluated priorities and working conditions in a post-pandemic world and voluntarily left their jobs en masse for greener pastures. Toward the end of 2021 and the beginning of 2022, not a week went by without headlines touting record numbers of workers quitting their jobs.

As this year comes to a close, many companies are seeing employees leave for another reason entirely: layoffs due to the emerging recession. Many high-profile employers such as Twitter, Amazon, and Facebook have made news with their reductions in force. They are not the only ones, just the most high-profile names. Furthermore, in between these economy-altering macroeconomic events, the “Quiet Quitting” trend, in which employees supposedly intentionally reduce their productivity and force employers’ hands, took root. All in all, it’s been a tremendously volatile year as it relates to employer/employee relationships.

Unfortunately for employers, the rise in volatility brings a corresponding increase in insider threats. When employees are happy and stable, they are far less likely to engage in behaviors like IP and customer data theft or system sabotage that put the company at risk. Additionally, the turbulent economic landscape has created an inviting environment for attackers using phishing or social engineering techniques to entice workers to click on malicious links. These external forces have combined to create a perfect storm of insider risk.

At DTEX we are seeing how this plays out across our customer base. The DTEX i3 Team works with customers to identify internal risks, evaluate their severity, and ultimately protect companies from malicious, non-malicious, and compromised users while preventing data loss. We recently dug up some data from our platform and found some telling statistics.

The first number that stood out is a simple one that corroborates some of this anecdotal data around employee movement. Research and creation of resignation letters on corporate devices—a clear precursor to a departure—has jumped by 20%.

The i3 team has also found that 12% of employees who leave an organization take sensitive IP with them from projects that they did not work on. (About 50% of employees walk out of the door with document from projects they did work on.) With record numbers of people leaving over the past year—as part of the Great Resignation, Quiet Quitting, or a recent layoff—there are record numbers of documents heading out the door with them. Sure, most of these documents do not represent malicious data exfiltration or the work of a Super Malicious Insider, but that doesn’t mean they can’t impact the company’s bottom line or brand reputation.

Finally, and most tellingly, our team has seen an interesting shift in how investigations among our customer base are being driven. Typically, the DTEX team identifies a risk and flags it to the customer impacted. But in the second half of 2022, we have seen a staggering 75% of investigations driven by customer HR departments. This is a promising indicator to us, as it demonstrates that our customers can recognize potential red flags and be proactive about mitigating insider risk before it becomes an insider threat.

We are all hoping for a calmer and more stable macroeconomic environment when the calendar flips to 2023, but if you are worried about the security and risk impact of employee turnover, I encourage you to get in touch with us and set up a demo or take a virtual tour to see how DTEX can help.