Tech layoffs have affected the sector greatly in the past few months, leading to many employees being immediately cut off from company systems and communication tools. This measure is taken to ensure data security, as sensitive information is often lost when employees leave their jobs. There is a 37% chance that organizations will lose their intellectual property when employees depart. Unfortunately, 71% of organizations are unaware of the sensitive data that departing employees take to other companies, making this a costly mistake. The cost per incident has increased to $15.38 million, primarily due to the increase in tech layoffs.
We recently heard from Rob Juncker, CTO at Code42, who shared what the underlying security threats of mass layoffs are and how organizations can mitigate security incidents and intellectual property theft:
"Unfortunately, companies often aren’t clear — or don’t enforce — their data policies. So, when an employee leaves a company, voluntarily or not, they may take files and company data with them. As an example, one of Code42’s customers previously spotted that $5 million worth of source code was being exfiltrated by a software engineer who had recently resigned. Thankfully, the file movement was detected before the employee left and any potential damage was thwarted, but it could have been a lot worse. The reality is, this sort of scenario very likely happens every day at companies across all industries, except most aren’t so lucky in stopping data from walking out the front door.
Today, employees feel a much greater sense of ownership over the work product they’ve developed, plans they’ve built and budget forecasting outlines they’ve created — but this can introduce data exposure opportunities when employees leave. Business leaders should be paying much closer attention to this insider threat since it can have a major impact on a company’s reputation and bottom line if not caught and prevented in a timely manner. To avoid this situation, companies should incorporate more resources to educate employees on security policies during onboarding, implement corrective “in the moment” training for employees throughout their tenure, and also reiterate policies during offboarding. Additionally, using proper technology, such as watchlists, can surface file movements of higher risk users, like employees preparing to depart.”