Security considerations during layoffs: Advice from an MSSP

2024-01-17 06:00

Not only do human resources and direct managers bear the onus of responsibility when conducting exit conversations, but security teams should also make the necessary preparations for monitoring anomalies in employee behavior and organizational risk - before, during, and after layoffs.

As a managed security services provider and incident response professional, I've witnessed first-hand how a well-prepared organization handles layoffs versus an unprepared one, and the repercussions of these events on the latter's cybersecurity posture.

As a result of the work-from-home migration, followed by the "Great resignation" and mass layoffs we continue to witness, security teams are struggling to re-acquire security visibility.

Of particular concern is the gap in intellectual property visibility that occurred during the migration, followed by departed employees who may have committed theft through unintentional actions or deliberate measures.

Security teams must be part of the conversation because terminated employees - whether through unintentional actions or deliberate measures - have the potential to inflict harm on the company.

Depending on the employee's role or where they live, the business may have obligations to either protect or destroy the employee's data.

News URL

https://www.helpnetsecurity.com/2024/01/17/layoffs-security/

#security