How has cyber technology created opportunities for workplace deviance?

We rely on the products and services that businesses in our communities and worldwide provide, and those businesses rely on technology to make those products and services available. In order to keep their day-to-day operations successful and without downtime, businesses will prepare and anticipate cyberattacks through various means of their cybersecurity programs. Unfortunately, what businesses are not typically prepared for or anticipate are the threats that come from within their business, whether that be the actions of naive, well-intentioned staff members or defiant employees who intentionally attack an organization for any number of reasons.

Cyber technology’s intended use should be a tool for employees to use as they perform their duties to carry out the business’s primary directives. For example, using accounting software for payroll or control systems for inventory and production is usually an appropriate use of cyber technology. However, in order to use these systems and many others, they often require certain access permissions and the data stored within them is usually confidential in nature, such as medical records for patients, customer records or employee demographic information. Should those access permissions be obtained by someone within a business, such as a disgruntled employee who feels they were incorrectly passed over for a promotion or a similar situation, and the integrity and confidentiality of the information become compromised, it could spell disaster for that business, losing them profits and reputation.

Businesses have a responsibility to their industry and their consumers to protect available information and a responsibility to themselves to protect their efficiency. In order to do so, businesses should take precautions to ensure that their cybersecurity programs are prioritizing the education of their staff and other employees, creating policies for utilizing their software and hardware, keeping a well-managed access control model, and maintaining security processes for all cyber technology available to all staff.

Moreover, above all, should a business, unfortunately, have to deal with a deviant, disgruntled, or advantageous employee, they should take the necessary steps to respond and recover while maintaining transparency about the realities of insider threats.