The Human Element of Insider Threats – Multiple Jobs, Multiple Risks

By Findlay Whitelaw, Senior Director, Insider Threat Program, Solution Engineering

Insider threats have long posed a formidable challenge for organizations worldwide. But as we navigate the nuances of our modern ways of working in an evolving landscape, a new facet of insider threats emerges. This blog post will delve into the rise of individuals maintaining multiple jobs or, more worryingly, individuals outsourcing their work contracts, which are trends fueled partly by the pandemic-driven shift to remote work and the financial necessities from the current cost of living crisis.

A recent 2023 report highlights the extent of how the UK’s fast-growing gig economy (where individuals are paid to undertake short-term tasks or projects and are generally outcome-based), has seen a substantial increase in the number of individuals holding multiple jobs, of which more than 50% also have a full-time job. Similarly, another UK-based survey into side hustles (where individuals undertake longer-term, ongoing income-generating based activities) found that 44% of Brits have a side hustle in 2023. Likewise, in the US, a survey by Millennial Money found that more than one-third of Americans reported having a side hustle in 2022, and a further 51% said they were considering starting one, driven by economic pressures. 

A different and more disconcerting trend sees individuals outsourcing their contractual obligations to their parties, including family members. One case that made the headlines involved a software developer who outsourced his job to a programmer in China, paying him less than a fifth of his six-figure salary. This case highlights the risks organizations face in this era of remote work, where geographical boundaries are blurred, and roles are easily outsourced. These practices inevitably expand the insider threat landscape, with more people accessing sensitive information and increasing the potential for data breaches. Furthermore, it becomes increasingly more challenging for security teams to monitor and maintain accountability when employees outsource their work to maintain multiple jobs. 

While this might be a means of weathering the financial crisis for many, it introduces potential new security and insider risks; having multiple jobs or engaging in various working arrangements alongside a full-time primary job can increase the potential for insider threats. The risk of data leakage, information sharing, unauthorized access, and insider trading are only a few scenarios that could occur, especially where friends, family, or external parties are involved. Notwithstanding the degradation of security controls and the organizational impact of these scenarios, individuals who have more than one primary role or who are engaging in side hustles or gigs run an increased risk of:

  • Burnout
  • Increased stress and mental health challenges
  • Reduced work-life balance
  • Violation of internal policies, for example, conflicts of interest, working time directives, security policy
  • Lack of focus, making mistakes, and performance issues, which can result in an increase in accidental insider threats
  • Legal and tax implications

The solution, in part, lies in ramping up technical safeguards and deploying security monitoring, such as security information and event management (SIEM) and user and entity behavior analytics (UEBA) technologies. Most importantly these policies help administrators understand the human elements driving these behaviors. On the technical front, UEBA and SIEM systems are crucial; they provide granular visibility into user activity, helping to track whether users are complying with the organization’s security policies and protocols, detecting policy violations early on, and enabling proactive security responses. These systems can identify anomalies, such as tasks being performed at unusual times or from different geographical locations, which could indicate outsourced work.

If a cost of living crisis is pushing employees toward secondary jobs and or outsourcing, organizations should aim to foster an environment where employees feel financially secure. Organizations can consider the cost of living adjustments such as working from home allowances. More information and other recommendations can also be found in my recent blog, The Human Element of Insider Threats: A Strategy to Address Financial Hardship, which highlights the need to balance empathy with vigilance as we protect our organizations during these uncertain times.

While engaging in multiple primary roles, side hustles or gigs offer potential financial benefits, skill development, flexibility, and an expanded network. Individuals’ experiences can vary depending on their individual circumstances, personal preferences, and effective management. Nevertheless, in this evolving threat landscape, it is essential to remember that every insider threat has a human element. By acknowledging and addressing these elements and leveraging advanced security technologies, including SIEM and UEBA, organizations can navigate the challenges our modern ways of working pose. 

Resources

https://www.securonix.com/blog/human-element-of-insider-threats-addressing-financial-hardship/

https://www.standout-cv.com/gig-economy-statistics-uk#key-statistics

https://www.finder.com/uk/side-hustle-statistics

https://www.millennialmoney.com/side-huste-statistics/

https://www.bls.com

What is Network Detection and Response (NDR)?
4 Top Cybersecurity Trends for 2024
The Different Types of Insider Threats and How to Stop Them
A Practitioner’s Perspective of DevOps: Keeping Systems Updated