Corporate layoffs: a perfect storm for insider risk and the imperative for holistic mitigation approaches
STACEY CHAMPAGNE
By Stacey Champagne, Insider Risk Expert, Founder & CEO of The Trade Secrets Network and Hacker in Heels
With over 42,000 tech sector employees laid off in 2022, many workplaces are in a constant state of stress. A June 2022 survey found nearly 80 percent of American workers concerned about their job security. Individual identity, finances and healthcare are intertwined with employment. Therefore, the threat of losing one’s job is a threat to financial security and mental health.
The situation is further exacerbated by C-suite executives who display ineptitude and mismanagement. In early February 2022, the cofounder of fitness equipment maker Peloton stepped down after being criticised for inconsistent pricing and manufacturing strategies. 2,800 jobs were cut and an additional 800+ jobs are reported to have been cut since. Compass—a real estate brokerage that touts as its competitive edge a proprietary tech platform for agents—has conducted three rounds of layoffs since June 2022. Onlookers have dubbed it “the WeWork of residential real estate,” saying the company has “raised and spent money like a tech firm but made money like a brokerage.”
Employees are voicing their opinions loud and clear. Articles about employees meeting their job duties but refusing to complete above-and-beyond assignments are rife on social media. Dubbed “quiet quitting,” this workplace mentality aligns with a Gallup report showing the ratio of engaged to actively disengaged employees as 1.8 to 1, the lowest in almost a decade.
The current workplace climate of distrust, disengagement and threat to individuals’ livelihoods is a perfect storm for insider threat activity. Insider threats are any persons (including contractors and third parties) who have, or have had, access to company data and systems and have used their trusted access for unauthorised activities such as fraud, theft, sabotage and/or workplace violence. Insiders commit hostile acts against organisations for a multitude of reasons. In a climate of workplace uncertainty and layoffs, insiders may be facing financial distress or feel they are about to be, or have been, wronged by their employer. They might believe they own the product, code or documentation they have created while employed, and have the right to take it with them upon termination.
Managing insider risk, especially during times of company turmoil, requires a thoughtful, holistic approach that addresses both operational psychology and the technological components of the layoff experience. This approach should include not only employees who will experience their final day with the company, but also the colleagues and managers who will remain.
CORPORATE LAYOFFS AS VUCA EVENTS
VUCA stands for volatile, uncertain, complex and ambiguous. The term is used to describe events that are difficult to plan for and manage, typically in an emergency management context. A company experiencing layoffs is arguably in a state of emergency/crisis and could benefit from many of the same mitigation strategies and mindsets used to tackle VUCA events.
Retired US Army colonel Eric Kail has outlined adaptive strategies and tactics for operating in a VUCA environment, stating: “clear communication is vital in volatile situations; getting a fresh perspective and maintaining flexibility is critical in uncertain environments; collaborating and seeking incremental solutions are important in complex situations; and listening well and thinking divergently are a must in ambiguous situations.” A relationship of concern and trust is everything when managing risk or a VUCA event. The magnitude of the event is heavily influenced by the level of trust the public (employees) have for the incident responders (executives). Employees who witness layoffs far removed from their own role in the company may believe they will not experience any impact. However, if a software engineer hears of overarching volatility in the company’s market and does not believe the company leadership is making the right moves to minimise impact, trust can decrease.
According to a paper on crisis leadership in a hyper-VUCA environment, if executives lose the trust of employees and customers, or fail to follow through on promised actions, the “level of concern increases and the event will grow. As a result, the [executives] will find [themselves] not only expending more resources to respond to the event but may deploy additional resources to make the response appear more robust to outside observers in an attempt to increase trust.”
THE CRITICAL PATH TO INSIDER RISK
The loss of trust and subsequent stressors that often accompany a corporate layoff can move employees down the critical path to insider risk. The Critical Path Method uses a collection of indicators created by researchers studying historical insider threat cases in the US intelligence community and Department of Defense that can help organisations identify and direct resources towards those most vulnerable.
Research has shown that “the likelihood, or risk, that individuals will commit hostile acts against their organisation increases with the accumulation of factors acting on them over a period of time.” These factors roughly follow a chronological sequence. Most importantly, the summation of multiple factors does not increase certainty or guarantee that the individual will commit a hostile act.
Many organisations put significant effort into implementing technology controls to mitigate insider risk, such as blocking the external transfer of data via webmail, cloud storage or removable media devices. However, technical behaviours are just one type of concerning behaviour that organisations should keep an eye out for. A layoff event introduces multiple stressors on employees (personal, professional and financial) and can produce concerning interpersonal, financial and mental health behaviours.
According to the Federal Reserve, 60 percent of laid-off adults with a high school education or less would not be able to pay all their bills if an unexpected $400 expense popped up during unemployment, and 24 percent of adults with a bachelor’s degree education or higher would have the same issue. Approximately one in five Americans are experiencing a diagnosable mental illness, and deaths associated with alcohol, drugs and suicide increased 20 percent year-over-year in 2020.
Employees seeking financial security can, and do, find it from nation-states eager to acquire trade secrets. An Intelligence and National Security Alliance (INSA) report, Insider Threats and Commercial Espionage, notes several indictments of scientific researchers, engineers, professors, hackers and businesspeople—both American and Chinese—who have committed theft of US intellectual property. Through its Thousand Talents Plan and other initiatives, China recruits US nationals to provide proprietary data in exchange for payment. Domestic economic espionage is also a possibility, conducted through the hiring of employees from a competitor to gain knowledge of and access to the competitor’s intellectual property. In 2013, Ticketmaster hired an employee from a competing ticket sales company who had retained their access credentials. Ticketmaster asked the employee to use these access credentials to provide business intelligence on its competitor. In late 2020, Ticketmaster was fined $10 million by the Department of Justice for the act. It is not difficult to imagine competing companies preying on the instability of their peers to recruit employees for intelligence and trade secrets which can give them the edge in a crowded market, or even deliver a final blow to a dying firm.
For some employees, a corporate layoff event can be fatal. Earlier this year, Bed Bath & Beyond’s chief financial officer died by suicide days after the retailer announced the closure of 150 stores and the laying off of about 20 percent of its employees. This sort of event can send shockwaves of grief and trauma through an organisation and require significant ‘postvention’ (psychological first aid). A workplace already suffering an economic crisis will want to return to business-as-usual as soon as possible, but doing so can lead to even more speculation, distrust and anger.
Insider threat incidents have risen by more than 44 percent over the past two years as COVID-19 lingers and economies continue to suffer from the pandemic’s effects. The cost per incident has increased more than 33 percent to $15.38 million. A single insider threat incident amid corporate layoffs can wipe out any cost savings the company hoped to achieve through its workforce reduction. An effective plan to mitigate insider risk during layoff events—one that implements strategies and processes beyond technical controls and addresses the humans at the core of the crisis—is therefore essential.
www.linkedin.com/in/staceychampagne