With economic slump, concerns rise over data theft

A McAfee survey finds that laid-off employees are the biggest security threat created by the economic downturn.

Is the worsening economic situation going to turn some employees into data thieves?

That's a top concern amongst IT decision makers, many of whom say that laid-off employees are the biggest security threat created by the economic downturn. In a McAfee-sponsored worldwide survey (registration required) of 1,000 IT decision makers, the company found that 42 percent of respondents felt that the laid-off employees represented the biggest IT security threat caused by the recession. That's more than were worried about outside intruders. And 36 percent said that they were worried about security problems caused by employees in financial stress.

Crime rates spike during hard times, and with thousands of workers being laid off each week now, there may be an added incentive for employees shown the door to take intellectual property with them to bolster their chances of getting hired with a competitor, to use with a start-up company of their own, or maybe even to sell.

"The economic downturn across the board is going to provide additional motivation for people who would want to do harm," said Seth Bromberger, an information security manager with PG&E in San Francisco. "It's on a lot of people's radar right now."

According to Bromberger, companies that have their employee exit processes in order have less to fear from laid-off workers. It's just that with the current economic squeeze, people's motivation may be changing

Layoffs can fray employee loyalty, and there certainly is money to be made selling all kinds of corporate data.

Last August, a financial analyst with subprime mortgage broker Countrywide named Rene Rebollo was arrested by the U.S. Federal Bureau of investigation for allegedly selling Excel spreadsheets containing customer information for about two-and-a-half cents per record. Over a two-year period he may have made US$70,000 from the scam, the FBI said.His annual salary was $65,000.

According to court filings, Countrywide had security software that disabled the use of USB drives on its PCs. But Rebollo found one PC that didn't have the software and was able to download about 20,000 records each week onto his personal thumb drive, which he'd later email to a buyer, the FBI said.

USB drives are one of the most underestimated sources of data leaks, says McAfee CEO Dave DeWalt. "For $100 you can buy a 100GB drive," he said. "100GB can be the entire customer base for an entire large company."

An economic slowdown can create other computer security problems too. As businesses fail and are bought, that churn can lead to management chaos within IT groups. Workers aren't sure how to report security concerns, or to whom, and existing controls may not be monitored as roles are switched and jobs are lost. In addition, workers may not want to report security issues for fear of jeopardizing a co-worker's job or drawing unwanted attention to themselves.

Ignoring security problems can be costly. The average security breach results in a loss of $4.6 million in intellectual property and costs about $600,000 to clean up, DeWalt said.

"We don't have the good risk models and as a result people are taking risks," said Eugene Spafford, a professor of computer science with Purdue University who contributed to McAfee's report on its survey data.

Security breaches will go up as a result of the downturn, especially as companies try to trim information security costs, although "it's not clear that we will see a lot of them attributed back directly to security issues," he said.

Still, not everyone sees the downturn as a game-changer.

"I'm not sure I recognize a greater threat to this company because of the downturn in terms of cyber threats," said Jim Klotz, CIO with the PMA Insurance Group in Blue Bell, Pennsylvania. Increasing cyber crime is just a fact of life, and it would be growing with or without the slump, he said. "More people are capable and more people are finding profit in it."

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Topics: mcafee, security, data theft
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?