Is the US headed for the Great Exfiltration?
The huge spike in voluntary resignations at the height of the COVID pandemic could have unforeseen consequences for cybersecurity across American organizations, with seven in ten firms admitting they don’t know how much data workers took with them to their next jobs after quitting.
According to a 2020 report cited at the annual meeting of the World Economic Forum (WEF), 63% of workers who quit their jobs said they had used data from old roles in their new positions – and since then, of course, the overall number of people joining the Great Resignation has only increased.
With around 4.5 million resigning last November alone, the WEF appears justified in its assertion: “the Great Resignation could actually be one of the biggest insider threats facing organizations in a generation.”
“When it comes to employee turnover, security should always be a part of the conversation,” said the WEF. “Regrettably, that hasn’t always been the case, particularly over the course of the past two years. It’s perfectly understandable that organizations should be focused on talent acquisition and retention. But by neglecting good data hygiene with the coming and going of employees, they’re leaving themselves wide open to attack.”
The WEF said that both intentional “malicious” and unintentional “non-malicious” exfiltration posed a threat to businesses, and warned that the former was more likely to occur than many organizations realized.
“Malicious exfiltration usually involves a departing employee purposefully taking sensitive data to either cause harm to the organization they’re leaving or give themselves an advantage in their next venture,” it said. “Depending on their level of access, it isn’t difficult at all for employees to smuggle data out of an organization.”
Common blunders that facilitated this included companies failing to close down email accounts and revoke server access, and generally not being thorough when migrating or “offboarding” workers out of their old jobs.
“No user accounts should remain active once an employee has left an organization, and logs should be checked thoroughly before an employee leaves to ensure no data has been transferred to an external source,” the WEF cautioned. “The offboarding process should carry on even after the employee has left the building, with accounts monitored regularly to ensure that all access has indeed been revoked.”
This threat to US organizations’ data security has been compounded by the rise in the “bring your own device” (BYOD) practice during the COVID lockdown, as many organizations adopted the hybrid working model.
This led to two-thirds of workers using personal devices to perform tasks, while nearly nine in ten firms expected them to use their smartphones to access sensitive data – potentially expanding the attack surface for threat actors and creating what the WEF described as “data silos outside an organization’s control.”
It added: “These data-loss issues are difficult enough to deal with during periods of average employee turnover, but the Great Resignation, combined with BYOD and a trend toward hybrid working, has only amplified the challenge.”
More from Cybernews:
Subscribe to our newsletter