New research from Tessian reveals just how deep The Great Resignation is, and how it’s continuing to increase work for security teams.
The Great Resignation of 2021 continues well into 2022, with record high numbers of people quitting their jobs and seeking opportunities for better positions, better pay, better work/life balance and even exploring a career in a completely new industry.
According to our latest survey of 2,000 employees in UK and US businesses, 55% are considering leaving their current employer this year, with two in five (39%) workers currently working their notice or actively looking for a new job in the next six months.
HR departments are under pressure to retain employees and replace the talent they lost. But they’re not the only team feeling the strain.
Our survey also revealed that 71% of IT decision makers in US and UK organizations told us the Great Resignation has increased security risks in their company. What’s more, 45% of IT leaders say incidents of data exfiltration have increased in the last year, as people took data when they left their jobs.
They’re not wrong. One in three (29%) UK and US employees admitted to having taken data with them when they quit. The figures were much higher in the US, with two fifths of US employees (40%) saying they’d taken data with them when they left their job.
Which employees are taking the data?
We see noticeable differences in behaviors across various departments. Employees in marketing were the most likely to data with them when they leave, with a staggering 63% of respondents in this department admitting to doing so. Employees in HR (37%) and IT (37%) followed.
Interestingly, rates of data exfiltration are much lower in highly regulated functions like accounting and finance, operations and legal. With employees in these departments having to comply with strict data regulations on a daily basis, the findings suggest that this impacts their data sharing behaviors and the security cultures in these departments. Just 16% of workers in operations and 22% in accounting and finance say they have taken data with them when they’ve left a job.
Why do employees take data with them?
The majority of employees are not taking data for malicious purposes. The most common reason for taking data, cited by 58% of respondents, was because the information would help them in their new job. In addition, 53% believe that because they worked on the document, it belongs to them.
A significant percentage of employees (44%) said they took the information to share with their new employer, while 40% said they intended to make money from the information.
The consequences of doing nothing
With 70% of US employees and 40% of UK employees thinking about leaving their employer this year, the pressure is on to protect the organization from insider risk.
Even if a company experiences one data exfiltration attack, the consequences can be huge. There’s a lot at stake when it comes to the data in your company’s control, particularly when you consider that the average cost of a data breach now stands at $4.24 million.
What are the causes of these phenomenal costs? Here are three factors:
- Containment: Hiring cybersecurity and identity fraud companies to contain a data breach is expensive —not to mention the thousands of hours that can be lost trying to determine the cause.
- Lawsuits: Many companies face enormous lawsuits for losing customer data.
- Penalties: Laws such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) enable regulators to impose significant fines for personal data breaches.
What can IT and security leaders do to minimize the risk of data exfiltration during the Great Resignation period?
Taking data when leaving an organization has become one of those culturally-accepted things that people feel they can get away with. Let’s be clear, though, this is not a reason to blame and shame employees for their actions.
Rather this is an opportunity to see how we got to this point, assess where there are gaps in our data protection policies, and determine whether policies and guidelines are being communicated effectively to employees – both company-wide and in specific departments.
By defining and communicating the company’s expectations around data sharing and data handling in the organization, and training employees on safe cybersecurity practices, security leaders can start to build stronger security cultures that reduce insider risk.
As well as greater education and training, IT and security teams also need to ensure they have visibility of the risk across all channels, particularly email. A quarter of IT leaders we surveyed said they do not have visibility into incidents of data exfiltration, and this is an important first step.
The Great Resignation shows no sign of slowing down, and people will continue to move around looking for new opportunities throughout 2022. But this is also an opportunity for IT and security teams to build a more robust data loss prevention strategy, streamline defenses against insider risk, and put a safety net in place to stop the company’s most valuable and sensitive data from falling into the wrong hands.
How does Tessian prevent data exfiltration attempts?
Prevent unauthorized emails
Whether it’s an employee sending sensitive information to less secure, personal accounts or a bad leaver maliciously exfiltrating data, Tessian automatically prevents data exfiltration over email.
Deeply understand your risk
Whether careless, negligent, or malicious, insider threats are difficult to combat and even harder to detect. But with Tessian, you can quickly find and report the key areas of insider risk, use insights to predict future behavior, and take remedial action to prevent exfiltrations attempts.
In-the-moment educational warnings
Tessian warnings act as in-the-moment training for employees, continuously educating them about treats, reinforcing your policies, and nudging them toward safe email behavior. Automatically build individualized policies at scale to reduce high-risk email use and track trends in unsafe activity over time.