This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.
Hiring new employees is a critical function of doing business, and the onboarding process transcends industry, company size, and physical location. Organizations often need new talent to capture opportunity, optimize productivity, expand into new sectors, build products, and strengthen existing services. However, personnel transitions are equal opportunities for threat actors, and in some cases criminals, to exploit the hiring and onboarding process for the purposes of gaining unauthorized access to a valuable target. With new employees come new risks; from aspiring insider threats that intend to join a target to extract sensitive information, to insecure processes being exploited due to too much trust being placed in candidates and new hires.