IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

“Great resignation” sparks concern over insider data leaks

New research unearths direct correlation between employees leaving and data theft

Man leaving a job with box of personal items

According to new research, there is a direct correlation between resignations, departing employees, and data exposure through theft and leaks.

Mark Wojtasiak, vice president of Portfolio Marketing at cyber security company Code42, said that in an analysis of data-exposure telemetry from devices using the company’s software, data was leaving organizations at the same time as employees were handling in letters of resignation.

“Our analysis shows a direct correlation between resignations, departing employees, and exposure events. Turns out, when people leave, so do source code, patent applications, and customer lists,” he said.

The company looked at data from over 700,000 endpoints running Code42’s Incydr software between January 1 and June 30, 2021. The research found that not only was there an 40% increase in data exposure events between H2 2020 and H1 2021, but there was also a 61% increase quarter-over-quarter within the first half of 2021.

The three-month period between April and June 2021 saw 61% more exposure events than the previous quarter and accounts for 86% of all exposure events (across all vectors) experienced by organizations throughout the previous half (July through December 2020). Data exposure peaked at the same time the US experienced a massive shift in employment.

The research also found that source code exposure has increased three times over the past year. During Q2 2021, source code accounted for 11% of all data exposure events. Plus, Q2 2021 accounted for 47% of all source code exposed within the past year, confirming the ties between massive job shifts and valuable, sensitive information exposure.

Related Resource

Employees behaving badly?

Why awareness training matters

Why awareness training matters - whitepaper from MimecastDownload now

Removable media, primarily UBSs, represented the most widely used exposure vector. Removable media accounted for 42% of all exposure events, making it the top single exfiltration vector. The second-highest single exfiltration vectors were cloud sync agents at 37%.

The data also revealed that Google Chrome accounted for 52% of all application exposure not tied to a cloud sync agent or removable media. Wojtasiak said that rather than indicating that Google Chrome is particularly problematic — it instead denotes its dominant market share within professional environments.

“Our analysis illustrates that many of these employees will likely take data with them to their next company,” said Wojtasiak. “When data falls into the wrong hands, it’s devastating to a company’s competitive position and jeopardizes the financial, reputational, or operational well-being of a company, its employees, customers, and partners.”

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Modernise your legacy databases in the cloud
Whitepaper

Modernise your legacy databases in the cloud

10 Jun 2022
Deploying flexible data protection to support cloud workload placement
Whitepaper

Deploying flexible data protection to support cloud workload placement

10 Mar 2022
Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Europol ordered to delete huge cache of unlawfully stored data
data protection

Europol ordered to delete huge cache of unlawfully stored data

11 Jan 2022

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Why India wants to become a chipmaking powerhouse
components

Why India wants to become a chipmaking powerhouse

28 Jun 2022