As inflation jumps, will your security suffer?
As inflation jumps, will your security suffer?
The annualized inflation rate in the U.S. recently accelerated to 9.1% in June, representing the highest rate since November 1981. While this is bad news for a lot of people and business organizations, two aspects have received little attention.
The first is how inflation can hurt a company’s cybersecurity efforts; and second, how price jumps could signal a change for the broader technology industry that could present challenges and threats.
This is because in times of rapidly rising prices, security vendors may become more aggressive about their own fees.
In one case, an eMazzanti Technologies Fortune 100 client saw a security tool vendor – that had granted a customer discount to the firm for more a decade – yank the preference under a “change in program” clause. Because the security tool was embedded in its security stack, our client had to accept the new pricing. It was not the first case we saw, and it will not likely be the last.
There may be ways, however, to blunt the impact. When a longtime security tool supplier advised us of a significant pricing jump – which we would normally pass on to customers – we instead started a dialogue about “skinnying down” the features, without compromising security, as a way to mitigate the increase to the point where we could “eat” the cost and leave our clients’ expenses unchanged.
Will we be able to continue to absorb those costs? A lot will depend on what happens during the next year or so. Technology companies profit by introducing new, innovative products, but recent bouts of inflation threaten to upend a 20-year trend of competitive pricing that enabled technology’s benefits to outweigh the associated costs. If inflation continues to rage, technology customers may push back in Year Two and instead of evaluating new tools, they may instead demand discounts in order to align their costs with their budgets.
We are already seeing the effects play out in the hiring landscape, as major companies like Apple, Google and Facebook parent Meta pause their job growth and reportedly rescind some job offers. This could lead to job cuts for mid-level technology managers – who earn annual salaries of $150,000 or more with average 10% salary increases – as companies shift their focus to bringing on new, less-experienced hires at significantly lower salaries.
That cost-cutting strategy, however, may expose a company to new risks, because when highly educated and experienced people cannot get a job with the good guys, they may join the bad guys in order to put food on the table. That is a significant external threat, but it is even more of a problem if a company hires someone who has gone over to “the other side,” since they are now an internal threat and are positioned to do even more harm.
Similar to the way that we suggest taking a layered approach to cybersecurity, companies may wish to advise their human resources department to take a layered approach to background checks on new hires, and even on existing personnel. These background checks should go beyond the standard criminal history investigation – which may be limited by state or local regulations, anyway – and include a credit report that can highlight potential red flags. A new hire who was taken on at a significantly lower salary compared to his or her previous job, for example, may represent a bargain in the eyes of the HR department, but can also represent a threat, since deep debt or the threat of losing a home could drive a person to engage in unscrupulous actions. That’s especially pertinent if they have access to sensitive data that might be valuable to unauthorized individuals or groups. It is not a certainty and should not necessarily be a reason not to hire such a person, but such situations may warrant a higher level of scrutiny.
Other potential red flags that HR should be aware of include employees who routinely take unscheduled time off or who chronically complain about commuting or other living costs. Collection or wage garnishment notices may be another indicator that an employee is living above his or her means and may be at risk of engaging in hacking or other behavior that will net them much-needed cash while putting your organization at risk.
Businesses of all sizes are operating in uncertain times, and the addition of inflation introduces new variables that affect everything from operations to hiring. As with robust cybersecurity services, companies that remain aware of their environment and take timely steps to respond will be better positioned to continue to thrive.
Carl Mazzanti is president of eMazzanti Technologies in Hoboken.