Stress, burnout, and anxiety are at a global high, locking many of us out of the flow.
Coronavirus: it’s what every news outlet and people are talking about. With the devastating ongoing pandemic, public venues are being asked to close, while more companies are requesting their employees to avoid attending their office and work from home.
Although businesses have moved more and more towards work flexibility over the years, the idea of having your entire organisation working from home is altogether a different scenario.
Given that people all over the world are in a state of anxiety, apprehension and high alert, the perception and awareness of doing business-as-normal runs out of the door.
Emotions are running high. Stress is swelling. Fear is in everyone mind. What state of mind will employees be moving forward?
Unfortunately and invariably, employees will be more careless and negligent given the stressful situation. Accidental and unintentional of data loss and data leaks will more likely to happen.
In times of severe stress, human beings will revert to the most basic instincts – “survival”, and consequently logic thoughts will be thrown out of the window.
Our primary concern is for oneself – our physical health. If you ever come across Maslow’s Hierarchy of Needs, you will see that the first three needs deal with your physiology, safety and belonging.
Yet, in these trying times, employees may be more brazen and seek to take data out for their advantage if their well being and livelihood are threatened.
In a previous article, I wrote in November 2019, I explicitly defined the difference between Data Loss – Data Leak – Data Exfiltration. You can find the item here.
As the saying goes “data by itself” doesn’t leave the organisation. It is essential that your organisation understand its information assets, who has access to it, where is it moving to and most importantly, do you have visibility of people actions on the data?
Answering these questions will help your organisation to inventory your data and importantly develop the appropriate mitigation strategy, whether it be data-loss, data-leakage or data-exfiltration.
However, a more frightening scenario can occur if an employee livelihood is threatened. People behaviours are no longer the norm.
If people are fighting over toilet paper in the isles of supermarkets, how would they react if they found out that they were fired?
If on social media, people are being informed of a mass lay-off, how would they react to such news?
In this pandemic times, it is highly possible that some individuals might lash out at the organisation, the project, at other individuals, as a result of being aggrieved, and unfairly dealt with.
Question: Would the traditional information security approach of an organisation prevail against a determined employee that wishes to steal corporation information or even sabotage the business as a result of being fired? Very unlikely.
Risks of employee behaviour in times of uncertainty is made much more difficult for everyone. Not only are employees highly stressed and anxious, but those that are in charge of protecting the organisation assets are in the same situation. Their chances of preventing insider incidents successfully from taking place diminish as the threat of Coronavirus spreads.
Effective measures against insider risks as a result of increasing global uncertainty:
For more information, you can also send them an email at: firstname.lastname@example.org or give us a call at: +61 26282-5554.