Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 28 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Don’t Leave Cybersecurity to Chance

The Hidden Risk When Staff Depart

by The Gurus
September 12, 2023
in Data Protection, Events, Featured, Insight, News
insider threat

Using a flashlight to search in a large group of people icons. Digital illustration.

Share on FacebookShare on Twitter

In today’s digital age, where organisations heavily rely on technology and data, ensuring strong Cyber Security practices is paramount, and one often overlooked aspect, is the departure of staff members.

The departure of an employee can introduce vulnerabilities and risks if not handled properly. Establishing a well-defined process for staff departures is crucial not only for maintaining operational continuity but also for safeguarding sensitive information from potential cyber threats. Chris White, member of International Cyber Expo‘s Advisory Council, and Head of Cyber and Innovation, The South East Cyber Resilience Centre (SECRC) offers his thoughts on the subject:

  1. When an employee leaves, their access to systems, networks, and databases must be immediately revoked. Forgotten or lingering access credentials can become a backdoor for cybercriminals to gain unauthorised entry. By following a process, organisations can systematically terminate an employee’s access to all relevant accounts and platforms, reducing the risk of data breaches and insider threats
  2. Employees often have access to sensitive company information, client data, and proprietary resources. Without a proper process in place, departing employees might retain copies of such data, putting it at risk of unauthorised exposure or misuse.
  3. By ensuring a comprehensive data inventory and implementing strict data retention policies, organisations can reduce the likelihood of valuable information falling into the wrong hands.
  4. When an employee leaves, all company-issued devices such as laptops, smartphones, and access cards should be collected promptly. These devices might contain sensitive data or access points that could be exploited by cyber attackers. An established process for equipment retrieval ensures that potential vulnerabilities are addressed and mitigated.
  5. A departure can result in a loss of organisational knowledge. If not managed properly, this loss could lead to security gaps in the organisation’s defences. By systematically documenting roles, responsibilities, and procedures, and by cross-training employees, organisations can maintain a well-prepared workforce that is capable of upholding cybersecurity standards.
  6. Insider Threats—threats posed by current or former employees—are a significant cybersecurity concern. Following a strict process during staff departures minimises the risk of disgruntled employees intentionally causing harm to the organisation’s digital infrastructure. Proper off-boarding procedures, including exit interviews, can help identify potential insider threats and pre-emptively address any concerns.
  7. Organisations are often subject to various legal and regulatory requirements concerning data protection and privacy. Failure to properly manage staff departures could result in non-compliance and legal repercussions. Following a process ensures that the organisation adheres to all relevant regulations, safeguarding both its reputation and legal standing.
  8. A departure can disrupt ongoing projects and operations, potentially creating opportunities for cyber threats to exploit the chaos. By having a clear process in place, organisations can ensure that essential tasks are transitioned seamlessly, and critical cybersecurity measures remain intact. Get in touch with The South East Cyber Resilience Centre for some assistance in this area.
  9. A good solution is Cyber Essentials which is an effective, Government backed minimum standard scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks. For example, How do you ensure you have deleted, or disabled, any accounts for staff who are no longer with your organisation? We can provide the resources to achieve a suitable solution to answer this.

In conclusion, the departure of a staff member should not be taken lightly, especially when considering the potential harm, it poses to cyber security. Establishing a well-defined process for staff departures is vital for protecting an organisation’s sensitive data, maintaining operational continuity, and mitigating cybersecurity risks.

Chris White will be in attendance at International Cyber Expo 2023, so do stop by London Olympia on the 26th and 27th of September 2023!

To register for FREE, visit: https://ice-2023.reg.buzz/eskenzi

FacebookTweetLinkedIn
ShareTweet
Previous Post

Almost One in Three Parents Have Never Spoken to Their Children About Cybersecurity

Next Post

Overconfident Organisations Prone to Cyber Breaches, Study Finds

Recent News

software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023
ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information