Fearing Layoffs, Most Workers Willing To Steal DataFearing Layoffs, Most Workers Willing To Steal Data
Most workers frightened by the prospect of layoffs are considering stealing corporate data to use in negotiating for a new job, our excellent sister site <a href="http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212201861">Dark Reading</a> reports. They're angry, scared, desperate, and unsophisticated -- but you, the CIO, are cool, calm, and confident because you're prepared for such an onslaught. Right? Well -- you <b>are</b> prepared, aren't you?
December 9, 2008
Most workers frightened by the prospect of layoffs are considering stealing corporate data to use in negotiating for a new job, our excellent sister site Dark Reading reports. They're angry, scared, desperate, and unsophisticated -- but you, the CIO, are cool, calm, and confident because you're prepared for such an onslaught. Right? Well -- you are prepared, aren't you?The numbers from a range of surveys are scary: 56% of workers in one study are afraid of losing their jobs, and in two other studies 71% of workers said they have either already stolen customer data or are fully prepared to do so, according to "Insiders Pose New Threats In Down Economy," by Dark Reading editor Tim Wilson.
The frightening outlook extends beyond speculation about possible future behavior to hard facts about a surge in unauthorized actions by employees, according to the Dark Reading story:
"...IBM's ISS X-Force research team [reported last week] that it has detected a 30% increase in network and Web-based security events in the past 120 days, with the total number rising from 1.8 billion per day to more than 2.5 billion worldwide. The researchers attribute a significant portion of the uptick to insider activity motivated by economic fear.
"Unlike a 'quick firing,' tens of thousands of employees are readying themselves for the eventuality of losing their jobs -- and no doubt a high percentage of them [will be] 'disgruntled,'" said IBM security expert Gunter Ollmann in a blog earlier this year. "In today's computer-based work environment, with a little planning and forethought, a disgruntled employee can do a lot of damage with little fear of being caught and prosecuted."
If there's any good news in this unprecedented scenario, Wilson wrote, it is the relatively unsophisticated approach being taken by many employees concerned about losing their jobs and willing to steal from their current employers to improve their chances of finding new employment. Kevin Rowney, founder of the data loss prevention (DLP) unit at Symantec, formerly known as Vontu, gave this analysis to Dark Reading:
"Every day we're stopping more and more of these sorts of events -- many more than we saw before the downturn. It's a sad fact that rates of employee fraud rise in a down economy." Most of the economically motivated insider attacks are not particularly sophisticated or even well-thought-out, Rowney says. "In general, these are crimes of passion committed by employees who are angry or scared," he explains.
"These are not people who are sophisticated in IT, developing super-sneaky ways of stealing or sabotaging data without being detected. They're people who are under pressure, or who are mad and seeking vengeance, and they make a large cluster of bad decisions. In most cases, these are fairly obvious activities that can easily be detected if you have the right tools in place."
So we have met the enemy and it is us -- as CIO, are you fully prepared for this unprecedented level of inside attacks? If the CEO comes in and asks for your level of confidence, expressed as a percentage, to stop insider cyberthreats, what number would you offer: 75%? 80%? 90%?
If your answer isn't at least 90%, you need to read this Dark Reading piece immediately and then assign a team to follow some of the steps it outlines. Because here's one more thing the article points out, courtesy of RSA director of product marketing Katie Curtin-Mestre:
"We've seen clients that think they have only one instance of a database, and then through the discovery process, they find that there are 18 unauthorized copies of the data spread around the enterprise. These companies are in no position to leverage policies and controls because they don't know where the data is."
About the Author(s)
You May Also Like