close
close
migores1

How companies can protect themselves from cyberattacks after layoffs

  • A new study suggests layoffs may lead to cyberattacks by disgruntled employees.
  • Thi Tran, IT expert and teacher, describes how companies can protect themselves from breaches.
  • This story is part of the “Security Playbook,” a series detailing cybersecurity tips and strategies.


An employee is holding a box of goods, with binary code coming out of the box and spreading across the background.

Luca Soncini for BI



  • A new study suggests layoffs can lead to cyberattacks from disgruntled employees.
  • Thi Tran, IT expert and teacher, describes how companies can protect themselves from breaches.
  • This story is part of the “Security Playbook,” a series detailing cybersecurity tips and strategies.


An employee is holding a box of goods, with binary code coming out of the box and spreading across the background.

Luca Soncini for BI



  • A new study suggests layoffs may lead to cyberattacks by disgruntled employees.
  • Thi Tran, IT expert and teacher, describes how companies can protect themselves from breaches.
  • This story is part of the “Security Playbook,” a series detailing cybersecurity tips and strategies.


An employee is holding a box of goods, with binary code coming out of the box and spreading across the background.

Luca Soncini for BI



  • A new study suggests layoffs can lead to cyberattacks from disgruntled employees.
  • Thi Tran, IT expert and teacher, describes how companies can protect themselves from breaches.
  • This story is part of the “Security Playbook,” a series detailing cybersecurity tips and strategies.


An employee is holding a box of goods, with binary code coming out of the box and spreading across the background.

Luca Soncini for BI



  • A new study suggests layoffs can lead to cyberattacks from disgruntled employees.
  • Thi Tran, IT expert and teacher, describes how companies can protect themselves from breaches.
  • This story is part of the “Security Playbook,” a series detailing cybersecurity tips and strategies.


An employee is holding a box of goods, with binary code coming out of the box and spreading across the background.

Luca Soncini for BI



  • A new study suggests layoffs can lead to cyberattacks from disgruntled employees.
  • Thi Tran, IT expert and teacher, describes how companies can protect themselves from breaches.
  • This story is part of the “Security Playbook,” a series detailing cybersecurity tips and strategies.


An employee is holding a box of goods, with binary code coming out of the box and spreading across the background.

Luca Soncini for BI



  • A new study suggests layoffs may lead to cyberattacks by disgruntled employees.
  • Thi Tran, IT expert and teacher, describes how companies can protect themselves from breaches.
  • This story is part of the “Security Playbook,” a series detailing cybersecurity tips and strategies.

Layoffs can make employees angry, stressed, and worried about their finances. A new study suggests they can also fuel a desire for revenge, which could put companies at risk of a cyber attack.

The study, titled “The Impacts of Layoffs Announcement on Cybersecurity Breaches,” explores the behaviors of people affected by the job cuts, including whether they try to “punish” what they consider a “bad deal” by hacking, said Thi Tran, a assistant. professor of management information systems at Binghamton University who led the study.


Thi Tran sitting on a chair and holding a phone.

Thi Tran is an IT expert specializing in cyber security research.

Courtesy of Binghamton University



Tran, who presented the study at the Pacific Asia Conference on Information Systems in Vietnam in July, said the research was inspired by news of companies in industries cutting jobs.

“I know how terrible it is that layoffs can cause anger and ruin people’s lives,” he said. “I also know how dangerous it is when people are angry – they can do a lot of bad things.”

Tran discussed what companies should know about the connection between layoffs and cyber security breaches and how organizations can minimize their risk.

This interview has been edited for length and clarity.

Why do layoffs put companies at risk of cyberattacks?

We might think that hackers are empowered when they have technical skills, but in most cases it is the fact that they are triggered and have a certain motivation. Being fired can trigger that revenge and make them more likely to carry out an attack.

Our research suggests that the consequence of a layoff is the likelihood of being attacked, and that the severity will be greater as hackers seek to create harm.

Insider threats, such as former employees, are the biggest threat because they know all the systems, protection levels and policies. So they can do a lot of bad things to the company when they’re motivated by layoffs. Imagine that the fired employee worked for the IT department or the security department: they know about every corner and how to bypass all layers of protection.

How can companies protect themselves when announcing layoffs?

You must terminate redundant employees’ access to the systems shortly after notifying them; Announcing layoffs too far in advance and then cutting off access later can open the door to cybersecurity risks.

However, companies must send a message to employees to minimize the impact of the layoff and explain why access has been cut. Something like: “This is an unfortunate situation. We know it’s very difficult for you, but this is what we have to do for the whole company.” Remind people of their connection to the company and the importance of data protection.

Prepare for the worst case scenario. Think about the potential losses and costs of a breach and how you can strengthen layers of security such as antivirus software, intrusion detection systems, firewalls, and warnings about suspicious behavior.

Then you will know in advance that something is wrong with the system, and the sooner you know, the more you can minimize the damage. But you cannot eliminate 100% of possible risks.

What role does corporate social responsibility play?

Layoff announcements can bring negative publicity. They might send a message that your company is doing something harmful to the public or is experiencing financial problems or poor management. This might make someone want to hack your company.

To help minimize attacks, enhance and emphasize corporate social responsibility, which is the company’s reputation and image, and demonstrate the company’s commitment to social and environmental responsibilities.

Being proactive and emphasizing ethical conduct and data security during layoffs could reduce the risk of data breaches in those situations. It will increase trust with stakeholders.

What aspect of layoffs and data breaches do you plan to study next?

We want to collect publicly available records that show the dates of a layoff notice and the dates a violation occurred. We will try to see if there is any association.

I want to question people about their ability and technical skills to formulate an attack on a company and how corporate social responsibility influences that decision. We want to capture online and social media conversations to tabulate positive and negative sentiment about a company after layoffs are announced.

There are a lot of things we want to explore that we hope can help guide policy on how companies can prepare for the worst-case scenario and minimize the risk of a data breach after layoffs are announced.

Related Articles

Back to top button