High-profile corporate hacks are almost nonevents at this point. They just keep getting bigger and bigger, and there doesn't seem to be an end in sight. But economist Allison Schrager made a good point in Businessweek on Monday about how fair compensation for employees is crucial to IT security. People who feel valued and are happy with what they make are less likely to undermine security from the inside, a problem that’s apparently just as common as malicious external attacks from hackers.
It makes sense. A disgruntled employee might watch with glee as his company scrambled to deal with a security nightmare. For example, Home Depot’s former lead security engineer is currently serving a four-year federal prison sentence for wreaking havoc on the security network of an oil and gas company where he worked previously. Home Depot, incidentally, revealed a massive data breach last month.
An FBI and Department of Homeland Security joint notice from last month says, “The FBI and DHS assess that disgruntled and former employees pose a significant cyber threat to US businesses due to their authorized access to sensitive information and the networks businesses rely on.” And Schrager points out that employees are shown to be more likely to steal if they feel that they have been wronged by their employers. Since pay is an important part of feeling respected in the workplace, better pay for employees with sensitive IT information and access could mean fewer problems.
It’s not a guarantee, but it seems like just one more reason to show employees that they’re valued. Maybe it’ll reduce Post-It theft, too.