The Cyber Defense eMagazine February Edition for 2024

Different Types of Risk Exposure
There is an undeniable lack of oversight and control over who has access to sensitive data within the IT
estate during the layoff process. Bad actors are increasingly targeting SaaS applications because they
store precious data. Because of this, there are many different types of risk exposure that organizations
face when employees are laid off.
The widespread enterprise adoption of cloud-first business strategies has significantly increased the
amount of SaaS applications created and used by organizations. Businesses frequently use multiple
cloud-based applications such as Google Drive or Slack to collaborate, store data, and share files with
colleagues or clients. Although these applications are beneficial in some ways, the collaborative nature
can pose serious security risks to organizations because sensitive data is frequently stored within these
applications. File owners can easily share access with their personal emails or external parties with just
one click. In a recent report by DoControl, it was revealed that 61% of employees have previously shared
company-owned assets with their own email. Once this file is shared publicly, there’s no telling who else
might gain access to the data within.
Complications also arise as business users continue to use messaging SaaS applications such as Slack
or Microsoft Teams to communicate and exchange information. Private data such as PII, passwords, and
financial information are often shared between coworkers on these platforms. This leaves sensitive data
exposed for internal and external parties to take advantage of. Moreover, once employees are laid off,
they become prime targets for cybercriminals to target for social engineering attacks. Bad actors or
competitors might offer former employees money to share private, company-owned data. If business
leaders conduct layoffs abruptly without offering a reason or severance, laid off employees might also be
frustrated and have incentive to leak data for their own personal gain.
Best Practices for Protecting Your Data
Especially during this season of mass layoffs, businesses must take a proactive approach to protect
confidential or proprietary information and avoid leakage of sensitive company data. As more
organizations adopt cloud-first SaaS operations, IT leaders will need to reevaluate their security posture
and implement strict access permissions. Security teams should frequently monitor for suspicious activity
and file sharing, and ensure that only necessary personnel have access to sensitive data. It is also
imperative for businesses to revoke access to shared files as soon as employment status is changed.
Most threats can be prevented with modern SaaS security tools for specific use cases, such as Data
Loss Prevention (DLP), Cloud Access Security Broker (CASB), and Insider Risk Management (IRM)
solutions. Additionally, training employees on best practices for data security will go a long way. IT
security teams should emphasize company policies during layoffs and remind employees that data
security is a shared responsibility. The cybersecurity threat of data leakage will likely continue to rise in
line with layoffs. Organizations should look to navigate this process with better empathy, and be more
proactive in their approach.
Cyber Defense eMagazine – February 2024 Edition 116
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.