Security experts are urging companies to strengthen employee offboarding processes to curb insider threats, following a surge in cases of departing staff stealing data or sabotaging systems.
Recent incidents have highlighted the risks. In July, former Intel engineer Varun Gupta received probation and a fine after taking confidential files to Microsoft. In Singapore, a dismissed NCS worker was jailed for deleting 180 servers. In the US, ex-Eaton Corp developer Davis Lu was convicted of planting malicious code and sabotaging networks.
Experts warn that delayed access revocation gives disgruntled employees opportunities to cause damage. “It’s all too common for departing staff to walk away with sensitive data because their access isn’t revoked fast enough,” said Josh Kirkwood of CyberArk.
Damian Garcia of IT Governance stressed that hybrid work environments widen these risks, as employees remain connected to company systems outside the office. He added that layoffs, workplace tension, or feeling undervalued can trigger malicious actions.
To prevent such threats, Garcia advised businesses to cut system access immediately when employees leave, particularly for IT administrators and developers with deep system privileges. “When someone exits, especially on bad terms, you need to act fast—don’t wait until after the weekend,” he warned.
Experts agree that HR, IT, and security teams must collaborate closely. Automating identity lifecycle management and using user behavior analytics tools can help organizations swiftly revoke access and detect anomalies.
Shane Barney, CISO at Keeper Security, said behavioral monitoring adds a vital safeguard by spotting unusual activity that may signal insider intent.
Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.
News Source: ITPro.com
