How mass layoffs will create some major security vulnerabilities

A padlock against a black computer screen.
(Image credit: Pixabay)

More than 120,000 workers from 428 tech companies were laid off in the first two months of 2023, according to data reported by

While tech redundancies have been amongst the most high-profile in media coverage, the ongoing cost-of-living crisis and economic climate unfortunately means that more companies will be looking to reduce their size in the year ahead. Indeed, in recent weeks we have seen further examples of cutbacks across industries including automotive, banking, consulting, and retail.

This mass layoff of workers will no doubt create some major security vulnerabilities, whether that is the result of a disgruntled employee, or diminished IT support causing the right steps and care around offboarding not being taken. The threats posed by disgruntled employees

The threats posed by disgruntled employees

With detailed knowledge and access to internal systems and data, unfortunately an organization's own employees can be one of its biggest cybersecurity threats. With a high level of redundancies, organizations need to pay particularly close attention to disgruntled employees – who could become insider threats.

If employees feel unappreciated, at risk of redundancy, or disagree with the way change is being managed, the risk of them compromising the organization increases. These individuals may decide to create problems, or take data with them to rival businesses or media publications - and the damage could be significant with their insider position.

In addition to managing and responding to the concerns from permanent employees, companies must also consider those who are not having their contracts extended. Many of these workers will have given months, if not years, to an organization before being told they’re no longer needed. This is particularly true in the tech sector where employers heavily rely on contractors who have specific skills.

Even those who escape the redundancy process may harbor negative feelings, with reduced headcount leaving them feeling over-worked or unsupported. Those who remain may check out entirely, ‘quiet-quitting’ or worse – which will require a careful response from leaders and line managers to rebuild morale.

With emotions running high and people feeling wronged, it is prudent to provide support mechanisms, in addition to conducting monitoring, and assessing morale using engagement surveys and anonymous feedback channels. Identity and access management should be a top priority to control opportunities for incidents to occur.

In addition to managing access, the redundancy process itself needs to be carefully managed. Social media posts from employees and media coverage can quickly follow if communications are perceived as being insensitive or clumsy. Companies whose layoffs become high-profile due to a controversial process may find themselves a higher risk of cyberattacks. Wherever there is uncertainty and doubt, cybercriminals will follow. Companies going through periods of turbulence are closely watched by bad actors, hoping to identify new opportunities to make some quick cash.

Chris Harris

Chris Harris is EMEA Technical Director at Thales, with over 25 years' experience in Information Security.

Diminished IT teams

Even with the rapid growth in the frequency of cyberattacks over the last few years, cybersecurity teams still find themselves competing against other areas of the business for much needed resource and having to justify themselves.

A robust cybersecurity apparatus including multi-factor access management, encryption, and key control. And this all needs to be managed by people – whether that is an internal team or a third party. The reality is that this is far more than just a ‘nice to have’; it’s fundamental to running a modern business successfully.

Lay-offs within the IT team means specialist knowledge is lost within the business on the status of things like security certificates, routine patching and software updates. If IT layoffs become public knowledge, bad actors will seize the opportunity to probe for weaknesses with the intention of stealing critical data or holding it to ransom.

Teams in transition

Whether they are making redundancies or not, organizations are seeing a lot of churn in their workforces. In fact, according to research by CWJobs, 53% of tech workers are pre-emptively applying for new jobs. Put simply, the uncertainty in the market means people are seeking other opportunities when if don’t even have to.

The first consideration here is that new employees entering the workforce will need to be properly onboarded and trained around IT and security best practice – and this will of course require additional support from the IT team. With the World Economic Forum’s 2022 Global Risks Report finding that 95% of all cybersecurity issues can be traced to human error, this is a huge area of possible risk and cannot be overlooked. The next consideration is the impact of changes in leadership. With so many other developments taking place and diverting attention, leaders might not be aware of emerging cyber issues or have the time to make critical decisions – leaving their business at risk for situations to get worse.

While redundancy is never positive news, if those employees can secure new jobs quickly elsewhere in other tech companies, it could encourage widespread industry innovation. Fresh talent can bring new ideas and perspectives, possibly driving higher performance.

Fundamentally, transition and change is inevitable, however difficult it might be. Periods of uncertainty are prime opportunities for bad actors, whether internal or external, to take advantage. Companies must not forget the principles and importance of cyber defenses, and actively seek to maintain them throughout the process. In doing so, they will be well on the way to restoring both employee and customer trust.

We've featured the best business VPN.

Chris Harris, Vice President, Field Engineering at Couchbase.