Tessian has surveyed 2,000 employees throughout UK and US businesses and revealed that 71% of IT leaders have identified that security risks have increased in their organizations due to what is now known as the ‘Great Resignation’.
Over 45% of IT leaders have also witnessed incidents involving data exfiltration increasing throughout 2021, where many people were leaving their positions within their organizations and taking data with them. It has also gone so far as 29% of the employees who quit their job have admitted that they indeed took data with them on the way out.
Among the top brackets for most likely to take data with them upon leaving a position within their organization is within marketing teams, currently polled at 63% of respondents within the departments admitting that they have done so.
However, equal percentages within HR departments and IT teams have also admitted to taking data with them upon leaving organizations, both standing at 37% each.
Where the Data is Headed
When probed on the question of why data was taken with them upon leaving their organizations, 58 per cent of respondents claimed that the informative data taken would prove fruitful in helping them secure another position in a new job. A further 53 per cent of respondents laid claim to the information simply because they worked on the documents, whilst 44 per cent polled admitted that data was taken with the express purpose of sharing it with their new employer.
The greater aspect of security risks about this survey is that the year 2022 highlighted 55% of the respondents looking to leave their current employer, with a further 39% either currently working their notice or seeking new opportunities within the next 6 months.
Pressure on IT and Security
This highlights the pressures that IT and security firms are currently under in keeping company data safe during this period of great resignation.
Whilst many take company documents and data with the intent of malicious behaviour, many take data either without fully realising or not understanding the implications of doing so. Organizations, therefore, have a clear duty to inform and communicate expectations regarding all data ownership to each employee and acknowledge that there is a breakdown in communication which has led to a cultural acceptance for employees to simply take documents upon their leaving of employment with the company.
The need for building better security cultures, gaining greater visibility into data loss threats and communicating the expectations around data sharing with employees is a key step in being proactive with security over data.