Insider Risk on the Rise: 12% of Employees Take IP When Leaving Jobs

Written by

Twelve percent of all employees take sensitive intellectual property (IP) with them when they leave an organization.

The data comes from workforce cyber intelligence and security company Dtex, which published a report about top insider risk trends for 2022 earlier today.

“Customer data, employee data, health records, sales contacts, and the list goes on,” reads the document. “More and more applications are providing new features that make data exfiltration easier. For example, many now provide the ability to maintain clipboard history and sync across multiple devices.”

Case in point, the report also suggests a 55% increase in unsanctioned application usage, including those making data exfiltration easier by allowing users to maintain clipboard history and sync IP across multiple devices.

“Bring Your Own Applications (BYOA) or Shadow IT can be a source of intelligence for business innovation,” Dtex wrote. “Still, they pose a major risk if the security team has not tested these tools thoroughly.”

Further, the new data highlight a 20% increase in resignation letter research and creation from employees taking advantage of the tight labor market to switch positions for higher wages.

“In most cases, an individual planning to leave the business is not pleased with the company’s product, co-workers, work environment, or compensation,” reads the report. “Disgruntled employees are usually jaded by a business that has not shown any steps to alleviate concerns, even after communication attempts.”

Finally, the Dtex report says the industry has witnessed a 200% increase in unsanctioned third-party work on corporate devices from a high prevalence of employees engaged in side gigs.

“We have found six unique identifiers to indicate remote workers are using computers for 3rd party work,” the report says.

These ‘side gigs’ reportedly leverage corporate IP to assist third-party businesses that may be in direct competition with the employer, Dtex wrote.

"One example we found was a social media marketer utilizing corporate-purchased Adobe Creative Cloud to provide services to a 3rd party business during expected corporate work hours.”

The full text of the Dtex report is available at this link here. Additional data highlighting the risks connected with insider threats can be found in research published at the end of September by Searchlight Security.

What’s hot on Infosecurity Magazine?