What kind of threat does a disgruntled employee pose to an organisation’s cybersecurity?


Published on

A great feeling is knowing that your workforce has healthy security habits. Today, organisations know very well that employees and their security education plays a significant role in the safety of their assets. However, if cybersecurity starts with your employees, then your employees must also have the power to send it crumbling down too. Organisations will be familiar with the fact that human error and negligence can compromise the security of a company's valuables. For example, employees may succumb to phishing attacks or practise poor password hygiene, both of which invite malicious actors to steal sensitive materials. The good news is that organisations can mitigate these risks to a decent extent. Malicious actors from outside an organisation will have much more difficulty penetrating businesses, thanks to the innovative cybersecurity landscape today. However, you can have every flashy, technology-heavy solution under the sun within your cybersecurity portfolio, but they can only do so much to protect you against the age-old threat of the enemy within. Slaps in the face come no more painful than a cyber attack carried out by a disgruntled employee. Strangely, concerns surrounding external attacks and ransomware often eclipse internal threats, despite how colossal the detriment can be. Internal malicious actors can take advantage of their position to steal intellectual property and software or sabotage a business. They will often abuse access privileges to do so, while cleverly covering their tracks if they know your network well enough.

Making sense of malicious motivations

Pinpointing a disgruntled employee's motives is difficult, as the variables are endless. This is what makes the risk especially difficult to mitigate; unless the employee has approached you with their concerns, or you are a mind-reader, then it's difficult to know who is unhappy and why, as well as how they may act on it. An obvious reason for insider attacks is to seek revenge once let go; if an employee feels unjustly dismissed, they may wish to sabotage your business as a to the company. Similarly, an employee may carry out an attack if they feel they have been overlooked for a promotion. On the other hand, some employees may compromise your valuable assets as part of their strategy to jump ship to a competitor. This bleeds into the umbrella motives of greed and self-interest. No matter what the specifics, greed, self-interest, or both will almost always play a part. Disgruntled employees are hard pills to swallow. For employers, it can be disappointing to learn that someone you have nurtured and trusted can turn their back on you in such a way. This is especially true in the realm of data. Organisations everywhere are empowering employees to use data, particularly through data democratisation, to solve the data skills gap and boost business performance. However, educating departments on why 'data is the new oil' may only fuel disgruntled employees to have away at it. Thus, the time spent empowering said employees can sometimes feel as though it was in vain following an insider attack. That's not to say that businesses should keep data and employees at arms' length from each other. Instead, organisations should consider fine-tuning a mitigation strategy for these rare but devastating occurrences.

Watertight monitoring – within reason

You don't want to be the employer that sifts through your workforce's activity or emails. You also don't want to threaten your employees so much that you create a tense work culture. Workforce surveillance is an ethical minefield anyway, so it's best to steer clear from that path. Instead, organisations should focus on increasing visibility into the feelings and well-being of their employees.

Engage with your employees

Firstly, you must consider the entry and exit of employees. When welcoming a new member of the workforce, ensure that you have nondisclosure agreements at the ready. This will cover you from a legal standpoint, as well as set the tone that theft will not be tolerated. In terms of employee exits, you must disable accounts and terminate credentials immediately to ensure the individual cannot access your network upon leaving. As well as this, keeping a list of all active accounts is important. Organisations should revisit this list regularly to ensure only accounts that should be active are on there. Similarly, companies must create a list of persons with access and administrative privileges (and what they are) for regular review. Organisations should strive to keep this list as short as possible, granting only the privileges that are absolutely necessary to the users. This includes looking out for privileges that can be revoked when no longer needed. However, the best way to mitigate the risk of disgruntled employees is to not have them at all. Again, you can't read minds, but you can check in with your employees from time to time and enforce an open door policy. Similarly, you should encourage a transparent culture and ensure that employees feel they can be open without fear of punishment. Even the most malicious of people can appreciate an organisation's efforts to keep staff happy. You'll never get it perfect, but at least no one can say you didn't try.

Why not check out the top 10 digital transformation services?

Join 34,209 IT professionals who already have a head start

Network with the biggest names in IT and gain instant access to all of our exclusive content for free.

Get Started Now