As work-from-home policies persist for many enterprises amid the global pandemic – and may become permanent in the long run – the cyber threat landscape has become much more complicated. Current work arrangements are so far from the norm that a new threat has emerged: the "disrupted" employee. We are all familiar with the concept of a malicious employee actively trying to damage the company or exfiltrate data out of financial interest or revenge. Much more common is an employee who is fully compliant and follows your security policies as second nature.
A disrupted employee is someone in between: trying to do their job right but with less secure means. He or she may face challenges in getting projects done due to no longer having access to the office's infrastructure or face-to-face interactions. Gone are the water cooler conversations or impromptu meetings in the hallways, as we rely on Zoom or WebEx calls to stay connected. Informal information exchanges are all but gone.