The Great Resignation and Cybersecurity: How to Protect Your Organization in Times of High Turnover

High turnover has become the norm as the big quit takes its toll on organizations across all industries. While not the first challenge that comes to mind in a high turnover environment, your cybersecurity can be seriously threatened when employees leave. Protect your organization’s assets by bolstering your cybersecurity due diligence with data breach preventative measures.

The global pandemic and resulting increase in employee turnover has posed a serious risk to the data security postures of many organizations. When the threat began to tip American society into social distancing, quarantine and remote working in March 2020, cyber scams increased by 400% – and the coronavirus has become the greatest security threat of all time.

Now, two years later, many are still working full-time or hybrid shifts remotely. Andrew Egoroff, senior cybersecurity specialist at cloud-based solutions provider ProcessUnity, sees a noticeable increase in potential risks, as does the entire cybersecurity community.

“The shift to working from home means many people are suddenly carrying out business projects on their personal devices, proliferating data silos and reducing employee data liability,” he says. “This means that with increased employee turnover, a new population of employees walks away with sensitive company information.”

According to a 2019 survey by Code42, nearly two-thirds of employees admitted to bringing data from one workplace for use in another, and that doesn’t include the wider population who walk away with sensitive information without even knowing it. These events expose your organization to potential and costly data breaches.

If your IT team isn’t equipped to handle the scale of breaches the pandemic has helped engineer, it could cost you dearly $4.42 millionwhich IBM said was the average cost of a data breach in 2021. Additionally, the average time it took organizations to find and contain data breaches was over nine months.

“In short, the Great Resignation has resulted in massive organizational data leaks, while the work-from-home paradigm has reduced the visibility that would normally make solving this problem easier,” says Egoroff.

However, it’s never too late to consider changing your organization’s cybersecurity practices, and you can start with the following three action steps to help protect your data during times of high turnover:

  1. Implement a zero-trust strategy.
    The IBM report mentioned above found that breaches in which mature zero trust was deployed cost $1.76 million less than without zero trust. This is proof that one of the most effective measures to reduce revenue risk is to implement a Zero Trust cybersecurity strategy.

    “With a zero-trust strategy, a company adopts a security posture that does not assume that any user, device, network component, or vendor will behave responsibly with respect to sensitive information,” says Egoroff. “Instead, the organization is taking a preventative and proactive approach, practicing continuous verification and requiring employees to authenticate their identities each time they access company resources.”

  2. Limit the overshoot range.
    Another key element of the Zero Trust cybersecurity model, Egoroff believes, is minimizing the blast radius of potential data breaches. Without identity-based data access segmentation, breaching a single user’s information can completely compromise your organization’s network.

    “In the context of the Great Resignation, this means that any logins left active or available after an employee resigns are potential entry points for potential hackers,” Egoroff says. “To combat this risk, the zero trust model suggests that your organization only grants access to employees when needed.”

  3. Implement rigorous offboarding procedures.
    According to Varonis, 62% of offenses involve the use of stolen credentials, brute force or phishing. As your organization’s revenue pendulum swings upward, your IT teams must have the tools and technology capabilities to meet data security requirements. Egoroff suggests haste in the boarding process.
    “When an employee resigns, the relocation must begin immediately and be dealt with thoroughly,” he explains. “Their accounts should be disabled and cybersecurity personnel should audit their data to ensure that no information has been exported for external purposes. The best way to ensure that a high turnover rate does not lead to a cybersecurity breach is to ensure that employees cannot leave major holes in your organization’s security posture after they leave.

    A comprehensive cybersecurity management platform is beneficial in combating revenue risk. By centralizing user access information and automating reviews to ensure access controls are maintained, you can reduce the fallout from potential data breaches and easily facilitate a strict relocation process.

In the wake of the Great Resignation, business leaders around the world are facing a myriad of unprecedented cybersecurity challenges. Implementing policies that protect your organization, whether it’s a Fortune 500 company or a small family business, doesn’t have to be an onerous process. Take the time to care for your organization with a view to the future by investing in critical proactive security measures now and reap the benefits of potential longevity and success.

Written by Rhett Power.
Did you read?
Shervin Pishevar, on How Miami Became America’s Next Tech Hub.
Sheikh Youssef Al Shelash: Building better homes for families.
Mark Morro discusses the state of LGBTQ+ inclusion in aviation and his legacy as an openly gay airline CEO and industry president.
The WOW Factor: How to Deliver an Amazing Customer Experience Every Time by Benny Marotta.
Nils Larsen, Director, On managing risk and developing an investment strategy that matches your goals.
How to Become a Fully Connected Leader by Mel Kettle.

Follow the latest news live on CEOWORLD magazine and get news updates from the United States and around the world. The opinions expressed are those of the author and not necessarily those of CEOWORLD magazine.

Follow the headlines of CEOWORLD magazine on Google News, Twitter, and Facebook. For media inquiries, please contact: [email protected]

Comments are closed.