Meet Ai3, the DTEX Risk Assistant. Fast-track effective insider risk management with guided investigations.

WORKFORCE CYBER
INTELLIGENCE AND SECURITY

BLOG

A Human-centric Approach to Operational Awareness and Risk Management.

  • Home
  • Blog
  • UEBA
  • Moving from Insider Risk to Insider Threat: Disgruntled Employees and Looming Layoffs

Moving from Insider Risk to Insider Threat: Disgruntled Employees and Looming Layoffs

Disgruntled employees layoffs insider risk management blog post

There’s been a lot of misconception about the quiet quitting movement since Zaid Khan, a 24-year-old engineer from New York, posted his video, which now has nearly half a million likes. In its initial incarnation, quiet quitting was not so much about a work slowdown as it was an argument for re-examining the work-life balance in the post-COVID world.

Regardless of the intent, managers and companies are loathe to antagonize their current workers because, even as some companies shed excess payroll, the labor market is still tight. In both cases of either unhappy employees quitting in place or employees who are fearful of layoffs, businesses need to be wary of disgruntled employees who would act against the company’s best interests.

Some quiet quitters launch side gigs, but not all side gigs are created equally from a company’s perspective. Sometimes using company assets like laptops, templates, and software applications to run a sports league or a consulting gig on the employee’s own time doesn’t impact the company’s bottom line. But research from the DTEX i3 Team has found instances of employees’ side gigs that are in direct conflict with the organization’s business. In these cases, not only is the employee misusing company assets, but they’re doing it to the detriment of the company that signs their paychecks.

The threat of layoffs or an inability to derive income from a side gig can make a contented employee a disgruntled member of the workforce. Disgruntled employees can move from the category of insider risk to insider threat. While everyone is a risk, not everyone is a threat, until they are. If an employee suspects layoffs are looming, they may be tempted to use company assets to look for their next job or purloin proprietary information from their employer. Our 2022 Insider Risk Report revealed that 56% of organizations assessed had sustained potential data theft because of employees leaving or joining the company.

In extreme cases, disgruntled employees can become hacktivists within the organization, using the organization’s own resources to expose confidential information or dox a boss who they think was unfair.

What can a company do?
Understand indicators of intent. Some Super Malicious Insiders can skillfully cover their tracks, effectively masking their activities just as well as the cloaking device found in the Harry Potter movies. But most employees who shift from an insider risk to an insider threat leave clues and traces of where they have been that can be followed like footsteps on newly fallen snow.

These footprints that mark insider threats can be identified by an analyst skilled in detecting them. Our research has also shown that the skills required to understand the behaviors that indicate insider threat are not typically aligned with the skill set of the average security analyst. If companies aren’t diligent about having the right analysts with the right tools in place to detect insider threats, they may lose more than headcount ahead of layoffs.

If you’re interested in more information on insider risks and insider threats, you can download the 2022 insider Risk Report here or contact our experts today to learn more about insider risk management and how DTEX can help secure your workforce.