High turnover has become the norm as the Great Resignation wreaks havoc on organizations across industries. Although it’s not the first challenge that comes to mind amid high turnover, your cybersecurity can be at serious risk as employees leave. Protect your organization’s assets by bolstering your cybersecurity due diligence with preventative data breach measures.
The global pandemic and its resulting increase in employee turnover have posed a serious risk to many organizations’ data security postures. When the threat began to shift American society into social distancing, quarantining, and remote working in March 2020, cyberscams increased by 400% — and the coronavirus became the largest security threat ever.
Now, two years later, many are still working remotely full time or with hybrid schedules. Andrew Egoroff, senior cybersecurity specialist at cloud-based solutions provider ProcessUnity, is seeing a notable uptick in potential risks, as is the entire cybersecurity community.
“The shift to working from home means that many individuals are suddenly doing company projects on their personal devices, proliferating data siloes and reducing employees’ data-related accountability,” he says. “This means that, with increases in employee turnover, there comes a new population of employees who walk away with sensitive company information.”
According to a 2019 survey by Code42, almost two-thirds of employees admitted to bringing data from one workplace to use in another, and that’s not including the larger population who walk away with sensitive information without even knowing it. These events expose your organization to potential — and costly — data breaches.
If your IT team is not equipped to handle the magnitude of breaches the pandemic helped conceive, it could cost you $4.42 million, which IBM reported was the average cost of a data breach in 2021. What’s more, the average time it took organizations to find and contain data breaches was more than nine months.
“In short, the Great Resignation has resulted in massive leaks of organizational data, while the work-from-home paradigm has reduced the visibility that would normally facilitate the remediation of this problem,” says Egoroff.
However, it’s never too late to consider changes to your organization’s cybersecurity practices, and you can start with the following three action steps to help keep your data safe in times of high turnover:
- Implement a zero trust strategy.
IBM’s report mentioned above found that breaches in which mature zero trust was deployed cost $1.76 million less than without zero trust. It’s proof positive that one of the most effective measures to reduce turnover-related risk is implementing a zero trust cybersecurity strategy.“With a zero trust strategy, a company takes a security posture that does not assume any users, devices, network components, or vendors will behave responsibly with regard to sensitive information,” Egoroff explains. “Instead, the organization takes a preventative and proactive approach, practicing continuous verification and requiring employees to authenticate their identities every time they access company resources.”
- Limit breach range.
Egoroff believes that another key component of the zero trust cybersecurity model is minimizing the blast radius of potential data breaches. Without identity-based segmentation of data access, the breach of even a single user’s information can completely compromise your organization’s network.“In the context of the Great Resignation, this means that any login credentials left active or available after an employee resigns are potential access points for would-be hackers,” Egoroff says. “To combat this risk, the zero trust model suggests that your organization only grants employees access on a need-to-know basis.”
- Implement rigorous offboarding procedures.
According to Varonis, 62% of breaches involve the use of stolen credentials, brute force, or phishing. As your organization’s turnover pendulum swings upward, your IT teams should have the tools and technological capabilities to meet data security demands. Egoroff suggests alacrity in the offboarding process.
“When an employee resigns, offboarding should begin immediately and be processed thoroughly,” he explains. “Their accounts should be deactivated, and cybersecurity personnel should run an audit of their data to ensure that no information has been exported for external use. The best way to ensure that high turnover does not result in a cybersecurity breach is to ensure that employees cannot leave major holes in your organization’s security posture after they depart.”A comprehensive cybersecurity management platform is beneficial to combat turnover-related risks. By centralizing user access information and automating reviews to ensure access controls are maintained, you can reduce the fallout of potential data breaches and easily facilitate a strict offboarding process.
In the wake of the Great Resignation, company leaders worldwide are facing myriad unprecedented challenges when it comes to cybersecurity. Implementing strategies that protect your organization — whether a Fortune 500 company or a small family-owned business — doesn’t have to be an onerous process. Take the time to care for your organization with the future in mind by investing in crucial proactive security measures now and reap the benefits of potential longevity and success.
Written by Rhett Power.
Have you read?
Shervin Pishevar, on How Miami Became America’s Next Tech Hub.
Sheikh Youssef Al Shelash: Building Better Housing for Families.
Mark Morro Discusses the State of LGBTQ+ Inclusion in Aviation and His Legacy as an Openly Gay Airline CEO and Industry Chairman.
The WOW Factor: How to Deliver an Amazing Customer Experience Every Time by Benny Marotta.
Nils Larsen, Manager, On Managing Risk and Building an Investment Strategy that Fits Your Goals.
How to become a fully connected leader by Mel Kettle.
Track Latest News Live on CEOWORLD magazine and get news updates from the United States and around the world.
The views expressed are those of the author and are not necessarily those of the CEOWORLD magazine.
Follow CEOWORLD magazine headlines on Google News, Twitter, and Facebook. For media queries, please contact:
info@ceoworld.biz