There may be a direct correlation between recent technology industry layoffs and an increasing risk of insider threats at global organizations, according to MSP Airiam. However, with a clear understanding of insider threats, these organizations are well equipped to guard against such issues.
Research indicates nearly 1,000 technology companies have laid off more than 150,000 workers since the beginning of 2022. Meanwhile, The Ponemon Institute reports insider threat incidents have increased 44% dating back to 2020, and the cost per incident has increased by more than 33% to $15.38 million.
The Human Factor Is the "Weakest Link" in Cybersecurity
Organizations in technology and other industries are increasingly laying off employees, and more workers are dealing with uncertainty about their job security, Airiam CIO Art Ocain stated. As such, if a hacker offers money for an employee's business credentials, that worker may be more inclined than ever before to give them up.
In addition, many organizations face "significant external barriers to prevent security breaches," Airiam indicated. Yet, they can take steps to educate their workers about cybersecurity and implement best practices to guard against insider threats.
Tips to Protect Against Insider Threats
Airiam offered the following tips for organizations to protect against insider threats:
- Monitor end-user devices, uploads to external services, cloud activities, behaviors that fall outside of an organization's security policies and files being changed or redacted.
- Utilize password-protection, multi-factor authentication (MFA) and access permissions to secure an organization's data and ensure only authorized users can access its data and systems.
- Check all incoming and outgoing emails for spam, malware and suspicious links.
- Provide employee security awareness training to teach workers about cyberattacks and how to combat them.
- Establish immutable backups that cannot be modified, deleted or encrypted.
Ultimately, protecting against insider threats requires an organization to look beyond its technology stack, Ocain indicated. If an organization integrates cybersecurity into all aspects of its culture, its employees can do their part to protect against cyberattacks now and in the future.