Ex-staff pose massive risks to company security
A report revealed almost half of IT professionals have an active insider threat programme
Only 24 per cent of IT decision makers have a formalised exit programme as part of their insider threat programme, IS Decisions has revealed in a report examining the future of addressing insider threats.
IS Decisions' CEO, Franois Amigorena said: "It's often easy for companies to overlook post-employment processes when they're worrying more about the behaviour of current employees.
"However, an employee on the outside with access to your systems can be as dangerous as any hacker or virus and often your threat detection systems won't pick up a former employee because it thinks the employee has genuine authority to access systems."
He explained that threats can go undetected by an organisation for a long time, so ensuring companies have the correct protocols in place, such as and employee exit checklist can help reduce the risk.
IS Decisions also revealed almost half of organisations have an insider threat programme and a third are planning to put something in place to help them deal with security problems posed by current or ex-employees.
This does not necessarily mean employees will directly attack systems, but it could mean their details are phished and used to gain entry, as was the case with eBay, Target and JP Morgan.
The company's research found that more US companies have such a protocol in place, but this could be down to the fact that more high-profile companies in the US have reported attacks.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
When looking further into the types of programmes companies have already set up, IS Decisions revealed that 66.6 per cent had set up specific tools, technology and data to deal with insider threats and 57 per cent were using staff training to educate the workforce about ways hackers could compromise systems.
51 per cent have a written security policy and 40 per cent vet employees before they start working for the company in question.
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.