HIPAA Times news | Concise, reliable news and insights on HIPAA compliance and regulations

Preventing cyberattacks after layoffs

Written by Farah Amod | Nov 12, 2024 11:34:43 AM

According to a study about the impacts of layoffs on cybersecurity breaches, companies may face an increased risk of cyberattacks after letting employees go. The emotional and financial toll of job loss can sometimes drive individuals to retaliate against their former employers through malicious online activities. 

 

Understanding the connection between layoffs and cybersecurity threats

A study led by Thi Tran, an assistant professor of management information systems at Binghamton University, reveals a concerning link between layoff announcements and cyber threats. The research shows that some employees who lose their jobs may seek revenge by using their inside knowledge of company systems to carry out cyberattacks. Layoffs, as Tran explains, don’t just affect someone’s financial stability—they can also lead to feelings of betrayal, which may trigger a desire to ‘punish’ the former employer.

These individuals often possess a deep understanding of the company’s digital infrastructure, increasing the risk of a successful breach. Employees, especially those in IT or security roles, know the weak spots in a company’s security, making them dangerous adversaries if they act maliciously. Tran’s findings indicate that when employees feel mistreated or emotionally distressed by job loss, their technical skills and insider knowledge can become a cybersecurity threat to the organization.

 

Proactive measures to mitigate cybersecurity risks

To mitigate these risks, businesses should adopt a proactive approach when layoffs are unavoidable. One of the most important steps is to immediately revoke the access of laid-off employees to company systems. Allowing former employees continued access, even for a short time, can increase the likelihood of retaliatory attacks. This process should be handled with sensitivity and clear communication to reduce the emotional toll of job loss.

Even if a layoff has occurred, companies need to recognize their employees' efforts. Acknowledging employees' contributions, even during challenging times, can help preserve respect and reduce the likelihood of negative reactions. Fostering empathy and clear communication allows companies to lower the risk of former employees becoming adversarial.

 

Strengthening cybersecurity defenses

Along with immediate access termination, companies should focus on strengthening their overall cybersecurity. Implementing advanced security measures such as antivirus software, intrusion detection systems, and strong firewalls is beneficial. Ongoing system monitoring is necessary to spot unusual activity early and respond before any breaches occur.

A strong, adaptive cybersecurity strategy can help minimize the risk of breaches, even in the face of insider threats. Training employees to recognize and respond to security risks is another effective measure, as it ensures that everyone in the organization is vigilant and prepared for potential threats.


 

The role of corporate social responsibility

The study also discusses the role of corporate social responsibility (CSR) in reducing cybersecurity risks related to layoffs. When a company announces layoffs, its public image can suffer, and former employees may feel disillusioned. These feelings, combined with a sense of injustice, can increase the desire for retaliation. To counter this, organizations should actively engage in CSR efforts, stressing ethical conduct, social responsibility, and a commitment to data security.

Companies can reduce the negative emotional impact of layoffs by promoting a culture of transparency and fairness. The approach can also strengthen relationships with remaining employees, stakeholders, and customers, minimizing the potential for cyberattacks from disgruntled former employees. CSR efforts that focus on employee well-being, even after layoffs, can assist in reducing cybersecurity risks.

 

Preparing for the worst

Even with the best policies in place, companies must prepare for the worst-case scenario. Tran suggests businesses adopt a mindset of readiness, expecting that layoffs could lead to an increase in cyber threats. A well-prepared company will have contingency plans for various cyberattacks, from minor breaches to large-scale disruptions.

For example, companies should consider having backup systems and data recovery plans in case of a cyberattack. Additionally, conducting regular audits of access rights can ensure that only necessary individuals have access to sensitive information. These measures can help mitigate the damage in the event of a breach and ensure a quicker recovery.


 

Ongoing research and future insights

Tran and his team continue to study the link between layoffs and cybersecurity threats, seeking to understand the full scope of the issue. Their research tries to uncover more direct correlations between layoff announcements and cyber incidents. They are also exploring the motivations of individuals who choose to retaliate, particularly those with technical expertise. By understanding these motivations, companies can develop better strategies to protect themselves during times of workforce reductions.

In addition, the research team is analyzing online discussions and social media posts to better understand the emotional responses of affected employees. These insights will help guide companies in developing policies that address the emotional and technical aspects of layoffs, reducing the likelihood of cyberattacks.

 

FAQs

How can companies prevent emotional distress from layoffs leading to cyberattacks?

Companies can mitigate emotional distress by handling layoffs with empathy, clear communication, and acknowledging employee contributions. Corporate social responsibility (CSR) initiatives that promote transparency and fairness can also reduce feelings of resentment.

 

How long should companies monitor systems after layoffs for potential insider threats?

Companies should implement ongoing monitoring of systems for several months post-layoffs to detect unusual activity that may signal an insider threat.

 

What immediate steps should companies take when laying off employees to protect against cyberattacks? 

Companies should immediately revoke access to all systems, change passwords, and review security protocols to ensure that former employees no longer have any entry points to company systems.
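The access-rights audit recommended under "Preparing for the worst" and the revoke-and-change-passwords steps above can be checked by reconciling the layoff roster against the account inventory and authentication log. The sketch below is an added example, not part of the original article or the study; the record formats, account names and finding labels are assumptions, and all sample data is constructed.

```python
from datetime import datetime

# Constructed sample data (assumed formats, not from the article).
ROSTER = {"e1001": datetime(2024, 11, 1, 17), "e1002": datetime(2024, 11, 1, 17)}
ACCOUNTS = [  # "users" lists every employee who holds the credential
    {"name": "jdoe", "users": ["e1001"], "enabled": False, "rotated": datetime(2024, 6, 1)},
    {"name": "asmith", "users": ["e1002"], "enabled": True, "rotated": datetime(2024, 3, 9)},
    {"name": "svc-backup", "users": ["e1001", "e2001"], "enabled": True, "rotated": datetime(2024, 1, 15)},
    {"name": "svc-billing", "users": ["e1002", "e2002"], "enabled": True, "rotated": datetime(2024, 11, 1, 18)},
    {"name": "bkim", "users": ["e2001"], "enabled": True, "rotated": datetime(2024, 8, 2)},
]
AUTH_LOG = [  # (timestamp, account, result)
    (datetime(2024, 11, 1, 9, 2), "asmith", "success"),
    (datetime(2024, 11, 2, 23, 41), "asmith", "success"),
    (datetime(2024, 11, 3, 1, 12), "jdoe", "failure"),
    (datetime(2024, 11, 3, 8, 0), "bkim", "success"),
]

def audit(roster, accounts, auth_log):
    """Return sorted (finding, account) pairs for access that outlived a layoff."""
    findings = set()
    cutoff = {}  # personal account name -> owner's termination time
    for acct in accounts:
        departed = [roster[u] for u in acct["users"] if u in roster]
        if not departed:
            continue  # nobody on the layoff roster holds this credential
        if len(acct["users"]) == 1:
            cutoff[acct["name"]] = departed[0]
            if acct["enabled"]:
                findings.add(("STILL_ENABLED", acct["name"]))
        elif acct["rotated"] < max(departed):
            # Shared credential unchanged since one of its holders left.
            findings.add(("SHARED_SECRET_NOT_ROTATED", acct["name"]))
    for ts, name, result in auth_log:
        if name in cutoff and ts > cutoff[name]:
            kind = "LOGIN_AFTER_TERMINATION" if result == "success" else "ATTEMPT_AFTER_TERMINATION"
            findings.add((kind, name))
    return sorted(findings)

if __name__ == "__main__":
    for finding, account in audit(ROSTER, ACCOUNTS, AUTH_LOG):
        print(f"{finding:28} {account}")
```

A failed attempt against an already-disabled account is reported separately from a successful login, since the first confirms revocation worked while still being worth reviewing during the post-layoff monitoring period.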