The Way to Avoid Insider Risks: Empathy
Concerns about economic recession, shrinking financial markets and economic difficulties have led to layoffs at technology and cryptocurrency companies, and have also affected the cybersecurity industry. These companies own valuable intellectual property and customer data that they are obliged to protect during this unsteady period. Crypto companies may also have access to client wallets and keys (single-signature or multi-signature) that are critical to the security of accounts.
Companies carrying out layoffs should pay attention to insider risk. Fear of being fired is one of the factors that increase insider risk. Discontent can also be the reason behind malicious behaviour by employees within a company.
Coinbase announced in a blog post published in recent months that it would reduce its workforce by 18%. In that post, Coinbase stated that affected employees will "receive the dismissal notice in [their] individual emails because these employees have been stripped of their access to the Coinbase system."
Imagine your company posted a message like this, whether or not you were affected by the layoffs. How do you think employees who are afraid of being fired, or who have to watch their friends and colleagues get fired in an unpleasant way, would react?
What do you think the employees waiting for the dismissal notice might be doing at that moment? Are they collecting data? Are they taking screenshots of correspondence? Are they downloading code? What is the chance that they are doing exactly what their company was trying to prevent by suddenly revoking access to the system?
In today's world, where the hybrid work model has become very common, it is difficult to manage such dismissal processes, as employees may be somewhere a face-to-face meeting is not possible. It can also be difficult to collect company assets, such as laptops, from dismissed employees.
Treating employees with empathy, showing compassion and communicating openly with them will make it easier for those dismissed to deal with the situation, while keeping the morale of current employees high. While doing so will not completely eliminate the risk of insider threats, it may reduce the likelihood of employees taking malicious action.
To minimize the risk of insider threats as your company plans or implements layoffs, follow these steps:
- Communicate, and do not catch your employees off guard. This applies not only to the employees you lay off, but also to your current employees. If you don't give employees enough information about layoffs, you lead them to think the worst, invent their own (often wrong) scenarios and act accordingly.
- Consider the trade secrets, intellectual property, and relationships employees have with customers and partners. The employee's layoff experience, fair severance pay, and the quality of post-employment resources and benefits can ensure that information remains confidential and your company's reputation is protected.
- Allocate as many resources as possible to support employees affected by layoffs. While this can be more difficult when layoffs come in times of economic distress, consider offering other opportunities, such as a new job placement, to help affected employees take the next steps in their careers.
- Provide a list of employees affected by the layoff to your insider threat team (or your cybersecurity team if there is no dedicated insider threat team) before you issue the dismissal notice.
- Don't issue a dismissal notice and suddenly cut off employee access. Instead, before the layoff announcement, use technical capabilities to increase oversight of the employees who will be affected, so that you can detect behaviour indicating that they may be planning to steal data or sabotage sensitive data and digital assets. The technical capabilities that can be used for this monitoring include cybersecurity tools with data loss prevention features, endpoint visibility, risk insights obtained from user behaviour analytics, and purpose-built technologies for monitoring insider risk.
- Announce layoffs and actions you will take to assist laid-off employees, either face-to-face or via video conference. When notifying laid-off employees, cut off their physical and logical access to the system.
- Treat laid-off employees as third parties. Check for any unusual activity up to the time of the layoff and after contract termination, and ensure that company data and assets are returned and that laid-off employees' access is revoked.
- Offer your support to current employees by making them feel that you value them and their contributions. Help them understand why the difficult decision to lay off staff was made.
Above all, treat laid-off employees as you would like to be treated. No one likes to be laid off, but your empathy and effort to help laid-off employees take the next step in their career journey will reduce the risk of insider threats, strengthening the trust of current employees and boosting morale.