Tech Layoffs Creating New Cyber Threats
On a recent earnings call, Meta CEO Mark Zuckerberg told investors how well the company would operate with a reduced headcount. “We’re going to be more proactive about cutting projects that aren’t performing or may no longer be crucial,” Zuckerberg said. He explained, “my focus is on increasing efficiency of how we execute our top priorities.” In the past quarter, Meta has reduced its headcount by over 10K employees as part of this strategic shift to stay operationally lean.
We hope cyber risk management continues to remain a priority for Meta in these turbulent times and that its security organization was not negatively affected by headcount reduction.
Increased cyber risk due to tech layoffs is not just a Meta problem. Tech heavyweights such as Google, Amazon, Microsoft, and Salesforce have also reduced their headcounts. In 2022, more than 120,000 tech workers worldwide lost their jobs. And since the start of 2023, 313 tech companies laid off over 97,000 workers, according to data compiled by Layoffs.fyi, a website that’s been tracking layoffs since March 2020. And the number is growing by the day.
As businesses decrease headcount, new cyber risks from both inside and outside threats will arise. “Inside threats” can include disgruntled ex-employees, current employees with subject matter expertise (or conversely, a complete lack of cybersecurity threat awareness), and most frighteningly— security team members who know critical vulnerabilities and/or how to circumvent controls.
Our economic future is uncertain, and more layoffs may continue. Regardless of whether your organization is affected now or later, there’s a higher likelihood of being a victim of a cyber-attack. More insiders may want to target their ex-employers, and the cybercriminal-for-hire talent pool has increased exponentially. The incentives to switch over and work for the bad guys are very tantalizing; for instance, some cyber gangs are offering up to $100k a month in salary and other benefits.
Organizations need to be aware of the current threat landscape, and now is the perfect time to prepare for these new risks and reduce their negative impact. Here, we’ll briefly share some examples of insider threats, the consequences, how the risk has compounded with recent layoffs, and finally, what you can do today to improve your cyber posture and stay resilient.
The Insider Threat Situation
According to research from The Ponemon Institute, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million..
The following are some consequences of insider threats to be aware of:
- Disrupting shipping processes by deleting shipping records resulting in delivery delays of medical equipment.
- Increasing running costs of a supercomputer by using it to mine Bitcoin.
- Loss of customer trust by deliberately leaking customer data to third parties.
- Loss of competitive advantage by sharing trade secrets with outsiders.
- Improperly configuring certain cloud servers due to understaffing and lack of specialized knowledge leading to unsecured corporate data on the web.
- Breaching privacy and data protection laws by exposing customer records on the open web.
- Enabling a ransomware attack through a phishing email due to lack of cybersecurity training.
Not all insiders have malicious intent and want to harm an organization and/or its employees. Often, insiders can be negligent or have made an honest mistake due to a lack of training or awareness. This is why employees who remain in the company must regularly undergo security awareness training, as the human factor is often the weakest. In Axio’s 2022 State of Ransomware Preparedness report, we concluded that active phishing training has improved but is still only practiced by 40% of organizations we surveyed.
Gain a 360 View of Inside and Outside Threats
You can’t prevent each malicious or negligent insider from causing damage to your organization as cyber risk grows due to tech layoffs. But you can prioritize mitigating and managing the risks of their behavior. This is where risk management methodologies come into play, emphasizing a holistic view of your organization beyond the necessary detection and protection.
A 360-degree view of risk means knowing where your current gaps are, and which ones matter most for you now and should be prioritized. Pinpointing insider threats is much easier when you have a complete and continuous view of your entire security organization and all its interdependencies.
Cybersecurity is a continuous endeavor and requires a risk-centric approach. As the risk of catastrophic cyber-attacks increases due to insider threats, it’s critical to ensure you build your cybersecurity program around consistent and measurable improvement. A continuous cyber risk management program helps you make decisions quickly and demonstrate they can reduce the negative impact:
Avoids the use of disconnected spreadsheets to perform risk assessments but uses a platform that enables collaboration with the entire team.
Can visualize cybersecurity improvement goals and deadlines in one place with the ability to reference them back to performed risk assessments and cybersecurity maturity measurement.
Prioritize investment decisions based on the risks that affect business operations.
To start your continuous cyber risk management journey, check out our free, single-user Ransomware Preparedness Assessment here.