Layoffs Mean Room for Incidents

Noor Boulos

In the face of economic headwinds, many companies are resorting to layoffs to help weather the storm. A study by Bloomberg News has found that since October 1, 2022 almost half a million employees worldwide across sectors have lost their jobs, with the tech sector accounting for nearly 150,000 of the 473,000 jobs cut. And new research by HackerOne found that in the last 12 months, 39% of companies surveyed have made security headcount cuts, and 40% plan to make then in the next 12 months. Meanwhile, cybersecurity staff that are left behind to shore up defenses and mitigate risk have their hands full. 

To begin with, last year 80% of hacking-related breaches used stolen and/or weak passwords. Deprovisioning user access is a critical but an extremely time-consuming task, particularly for companies that don’t use automation to help. Having to manually hunt through all the systems that an employee or contractor uses and remove their access is tedious and prone to human error. Staff responsible for deprovisioning while at the same time monitoring for threats, can easily miss a disgruntled employee who may attempt retaliation or signs of credential leakage or compromise. 

What’s more, attacks continue to rise. Check Point research finds global cyber attacks increased 38% in 2022 and reached an all-time high in Q4 with an average of 1,168 weekly attacks per organization. And the number of Common Vulnerabilities and Exposures (CVEs) climbed to 25,227 in 2022. Cuts to cybersecurity teams that are already spread thin due to the global skills shortage, further reduce the effectiveness of the team to keep up with the latest threats and vulnerabilities, increasing an organization’s risk. In fact, 75% of companies surveyed by HackerOne say that budget cuts, layoffs and freezing new hires and investments related to security negatively impact their ability to manage cybersecurity efficiently. 

Most of you reading this blog are cybersecurity practitioners with ownership for putting strong cybersecurity measures in place to help protect your organization’s larger ecosystem. But those technologies and processes are only effective if everyone does their part to make smart decisions. And the people who help educate employees about maintaining good cyber hygiene may have been among those laid off. If you feel employees and colleagues could use a reminder, here are a few tips to share:

  • Strengthen passwords and use MFA. Simple passwords are easy for hackers to crack, and password reuse opens the door for them to compromise additional accounts and gain access to your confidential information. Create long and unique passphrases for each account and use multifactor authentication (MFA) wherever possible. If this starts to get cumbersome and hard to keep track of, use password managers to generate and remember different, complex passwords for each of your accounts.
  • Think before you click. Ransomware attacks often leverage phishing, tricking people into clicking on malicious links or attachments. Instead of rushing through emails, be mindful of what you are receiving and from whom. Hover over links to see if they resemble legitimate addresses and be wary of messages that request personal data or create a sense of urgency which can indicate the email is malicious. If in doubt as to the legitimacy of an email, delete it. 
  • Backup data. While the best defense against ransomware is prevention, including being mindful of what you click on, backing up data can help you recover quickly and not lose critical or sensitive data. Be sure the backup is secure and consider two backups, one stored offline and the other in the cloud protected by MFA. Think about how often you should backup and the tradeoffs. The less frequently you backup, the more you have to lose in a ransomware attack.
  • Update software. Technology vendors are doing their best to keep users safe, issuing patches and updates regularly. Stay current with these security settings by turning on automatic application updates when available, for example with Microsoft and Google Chrome, and then shutdown systems every night and enable updates when prompted. This applies to phones and other smart devices too. Accept the automatic system updates when prompted and keep phones plugged in and turned on at night to process updates during less busy times.
  • Educate yourself. There’s no shortage of information on cybersecurity risks and you don’t have to be an IT guru to understand many of the articles, blogs and other resources available. Several government sources do a great job of explaining threats and vulnerabilities and how to protect ourselves in language we can all understand. Here are just a few examples written for the general public:

It’s difficult to predict how long this economic uncertainty will last. So, there’s no time like the present to help raise awareness of the risks and the easy steps everyone should take to help strengthen their organization’s security posture. Hopefully these tools will help. To learn more about the ThreatQ Platform, request a demo.


Blog Archive

About ThreatQuotient™

ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ™, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration.
Share This