• A new study suggests layoffs can lead to cyberattacks from disgruntled employees.
• Thi Tran, an IT expert and professor, describes how companies can protect themselves from breaches.
• This story is part of "Security Playbook," a series detailing cybersecurity advice and strategies.

Layoffs can make employees angry, stressed, and worried about their finances. A new study suggests they may also fuel a desire for revenge, which could put companies at risk of a cyberattack.

The study, titled "The Impacts of Layoffs Announcement on Cybersecurity Breaches," explores the behaviors of people affected by job cuts, including whether they seek to "punish" what they consider a "bad business" by hacking, said Thi Tran, an assistant professor of management information systems at Binghamton University who led the study.

Thi Tran is an IT expert who specializes in cybersecurity research. Photo: Courtesy of Binghamton University

Tran, who presented the study at the Pacific Asia Conference on Information Systems in Vietnam in July, said the research was inspired by news of companies across industries cutting jobs.

"I know how terrible it is, that layoffs can cause anger and potentially ruin people's lives," he said. "I also know how dangerous it is when people get pissed off — they can do a lot of bad things."

Tran discussed what companies should know about the connection between layoffs and cybersecurity breaches and how organizations can minimize their risk.

This interview has been edited for length and clarity.

Why do layoffs put companies at risk of cyberattacks?

We might think that hackers are empowered when they have technical abilities, but in most cases it's that they get triggered and have some motivation. Getting laid off can trigger that revenge, and they're more likely to perform an attack.

Our research suggests that the consequence of a layoff announcement is the likelihood of getting attacked and that the severity will be higher because hackers try to create harm.

Insider threats, such as ex-employees, are the biggest threat because they know about all the systems, layers of protection, and policies. So they can do a lot of harmful things to the company when motivated by layoffs. Imagine that the laid-off employee worked for the IT department or the security department: They know about every single corner and how to bypass all the protection layers.

How can companies protect themselves when announcing layoffs?

You have to terminate laid-off employees' access to systems shortly after notifying them; announcing layoffs too far in advance and then terminating access later can open the door to cybersecurity risks.

However, companies need to send a message to employees to minimize the impact of the layoff and explain why access has been terminated. Something like: "This is an unfortunate situation. We know this is very hard for you, but this is what we have to do for the entire company." Remind people of their connection to the company and the importance of data protection.

Prepare for the worst-case scenario. Think about the potential losses and costs of a breach and how you can strengthen security layers, such as with antivirus software, intrusion-detection systems, firewalls, and warnings about suspicious behavior.

Then you would know beforehand that there's something wrong with the system, and the sooner you know, the more you can minimize harm. But you can't eliminate 100% of possible risks.

What role does corporate social responsibility play?

Layoff announcements can bring negative publicity. They could send a message that your company is doing something harmful to the public or experiencing financial problems or poor leadership. This could make someone want to hack your company.

To help minimize attacks, improve and emphasize your corporate social responsibility, which is the company's reputation and image, and demonstrate the company's commitment to social and environmental responsibilities.

Being proactive and emphasizing ethical conduct and data security during layoffs could reduce the risk of data breaches in those situations. It will enhance trust with stakeholders.

What aspect of layoffs and data breaches do you plan to study next?

We want to collect publicly available records showing the dates of a layoff announcement and the dates that a breach happened. We'll try to see if there is any association.

I want to survey people about their ability and technical skills to formulate an attack on a company and how corporate social responsibility influences that decision. We want to capture online and social-media conversations to tabulate positive and negative emotions about a company after announcing layoffs.

There are lots of things we want to explore that we hope can help guide policies for how companies can prepare for the worst-case scenario and minimize the risk of a data breach after layoffs are announced.

Read the original article on Business Insider