Skip to main content
close search
site logo
Dive Brief

Insider risk surges as resignations mount

Published Aug. 13, 2021
David Jones's headshot
Reporter
Amilcar Orfali / Stringer via Getty Images

Dive Brief:

  • Companies are facing a heightened threat of insider risk to their proprietary data amid a growing phenomenon of turnover in the labor market, dubbed The Great Resignation, according to research from cybersecurity provider Code 42. 
  • The number of data exposure events rose 40% between the second half of 2020 and the first half of 2021, according to telemetry data from Code42. During the second quarter of 2021, the April-June time period, data exposure events jumped 61%, when compared to the January-March quarter. 
  • Source code was exposed during the second quarter at a rate three times higher than prior quarters, according to telemetry data. Source code accounted for 11% of all data exposure events during Q2, an 83% increase when compared to prior quarters. 

Dive Insight: 

Insider risk has been a leading concern for years in terms of the need to protect corporate data. Companies have put protocols in place to protect against the exfiltration of emails, contacts, intellectual property and financial information by existing workers, disgruntled employees, contractors and others who might have privileged access to certain information. 

However, Labor Department data shows there were about 4 million resignations during the month of April, marking a new trend in the U.S. Millions of workers are ready to walk away from their current work environments, either for new jobs or in some cases no job at all, and veteran security executives say corporate data most often moves when employees decide to leave. 

“We know from working with hundreds of customers and hearing their stories that the number one indicator that someone is going to take data is that they plan to leave the organization,” Joe Payne, CEO of Code42 told Cybersecurity Dive via email. 

About two-thirds of corporate data breaches typically involve an employee, Payne said. And about 63% of workers who admit to taking data with them to a new job are repeat offenders, Payne said. 

Employees tend to remove data prior to submitting their actual resignations, and data is often exfiltrated 10 days or more before the worker quits. So the data loss is a bit difficult to detect by traditional screening methods, according to Payne. 

“Security organizations that begin watching the activity of employees after they resign will miss much of the exfiltration,” Payne said. 
 
The Code42 research shows that USB drives are the most frequently used method of exfiltrating data. 

The risk from insiders has been an ongoing concern at companies for many years, and even contributed to recent activity, including the Colonial Pipeline ransomware attack in May. 

A dormant VPN account at Colonial Pipeline was used to access IT systems at the company, which provided gasoline and other forms of fuel and heating oil to the southeast and eastern coast of the U.S.

Filed Under: Threats

Editors' picks

Company Announcements

View all | Post a press release
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Editors' picks
Latest in Threats
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell