Employees are the company’s greatest asset but they have also the potential to be the company’s greatest risk. Thousands of business leaders around the world are realizing every day that the greatest threats to companies can come from within. Employees, either intentionally or unintentionally, are causing damages that cost billions each year and can ruin a well-established company in no time.
Every employee’s laptop, smartphone or tablet today is a potential entry gate for cybercrimes and data breaches. It means tens, hundreds and even thousands of entry gates in each company, for malwares, rasomwares and phishing attempts.
Those devices – whether owned by the company or by the employees, whether used in the office, at home, in the car or in a coffee shop – are much more vulnerable today than ever to cyber-attacks. These are not pure office workstations anymore. Employees are using their devices all day long, mixing work with personal use. They are installing all kind of apps, opening files from many sources and sharing information, while jumping over between their workplace apps and their private ones and while working sometimes remotely, connected through hot spots that do not provide secure Wi-Fi.
In its “2020 Global Threat Report”, the cybersecurity technology company CrowdStrike is highlighting that ransom demands are soaring, causing organization unparalleled disruption. The report also mentions that cybercriminals are weaponizing sensitive data to increase pressure on ransomware victims. The FBI “Internet Crime Complaint Center 2019 Internet Crime Report” analyzed that nearly 90% of U.S.organizations are targeted by all kinds of phishing attacks. The report indicates that 39% of employees tend to click on phishing tempting links. It estimates that between 2017 and 2019, phishing and cyber-attacks had caused damages to U.S.businesses of more than 7.5 billion dollar. Almost half of all business data breaches can be traced back to carelessness from employees.
Regardless the evolving advanced cyber technology, human factor will always be the easiest to crack. Every skilled reporter knows how easy it is to manipulate employees, causing them to reveal sensitive information about a company, its future plans, its internal politics and all kind of secrets that make an interesting and sensational journalism. Sometimes all is needed is to flatter the employee’s ego and make him feel important.
Competitors and entities in legal dispute are also aware how impactful it can be to win their battle by entrapping a key person in a company. Black Cube, a private intelligence agency that was founded by veterans of the Israeli Military Intelligence and the Israeli Mossad, became world leader in this growing field of corporate espionage. Old fashion methods like money and sex never lost their effectiveness in bringing people, intentionally or unintentionally, to abandon their commitments to their company or to ignore the warning signs.
Private social network accounts of employees are becoming the primary arena through which skilled manipulators are trying to trap their victims. Fake profiles, fake conversations and fake pictures are functioning as key tools to weaken the defense mechanism of the target and divert him/her to a point of no return. That is why law makers recognize that the right of employees to privacy should be balanced with the right of the employers to protect their trade secrets, their reputation and their stability.
According to survey made in 2019 by salary.com, the leading enterprise resource for compensation data in the U.S., 90% of employees waste time at work each day. On average, employers are losing 2.5 hours of employees’ productivity per day, equal approximately to $759B in salaries annually (U.S.). 40% of the wasted time is spent on social media platforms, for personal usage.
The rest of the wasted time is spent on socializing with co-workers, conducting personal business, taking personal calls and long lunch breaks. 60% of workers admit to making online purchases when they are supposed to working, and many more play video games.
As more and more people are working remotely, the issue of time-wasting at work is becoming significant. Even before the Covid 19 pandemic, the share of employed people that worked from home (usually or occasionally) soared in the U.S. and the EU, due to the advent of a reliable and robust broadband internet connection, whether at home or outdoor. The pandemic forced other hundreds of millions to work remotely and many experts believe that it will reshape the future of work forever. When more and more employees are far from being seen and inspected by their managers, trust in workplaces might be diminished. It might lead to an atmosphere of suspicion, to micromanagement, employees’ dissatisfaction and higher stress levels for everyone.
Fraud is a general category that includes both embezzlement and theft. According to the Association of Certified Fraud Examiners (ACFE), “the typical U.S. business loses 7% of its annual revenues to employee fraud” and “small businesses have the most cases and the highest losses.” The ACFE estimates that in 2019, the total cost to U.S. organizations, resulted by employees’ theft, reached the incredible sum of 50 billion dollar.
According to the U.S. Chamber of Commerce, it is believed that 75% of employees steal at least once. They also estimate that the incidence of employee theft is 15 times greater than external theft and that 30% of business failures are caused by employee theft or embezzlement. According to the FBI, corporate theft is the fastest growing crime in the United States. It’s bigger than identity theft, cyber fraud, credit card theft and internet scams. And what makes it a most pernicious crime is it’s difficultly to uncover.
It can start with minor fraudulent expense reports or “non-cash” small items like office supply, food or toilet paper. But even the pettiest can lead some employees to perpetrate a significant embezzlement like forging checks, submitting phony invoices, conspiring with suppliers and so forth. There are some warning signs that should raise the suspicion of an employer like declining profits, unexplained inventory shortages, discrepancies in accounting and more. Many red flags can be seen only by observing and analyzing employees’ digital behavior and finding traces for irregularities and abnormalities.
Abusive supervision or workplace bullying is defined as “a systematic aggressive communication, manipulation of work, and acts aimed at humiliating or degrading one or more individual that creates an unhealthy and unprofessional power imbalance between bully and target(s), result in psychological consequences for targets and co-workers, and cost enormous monetary damage to an organization’s bottom line.” (NWBC Board Member Catherine Mattice and colleague Karen Garman).
Bullying can include such tactics as verbal, nonverbal, psychological, physical abuse and humiliation. This type of workplace aggression is particularly difficult because, unlike the typical school bully, workplace bullies often operate within the established rules and policies of their organization. In the majority of cases, bullying in the workplace is reported as having been done by someone who has authority over the victim. Negative effects are not limited to the targeted individuals, and may lead to a decline in employee morale and a change in organizational culture. Abusive supervision, workplace bullying and all kinds of hostile work environment are costing American firms huge amount of money for losing productivity, employees turnover, health assistance, legal ramification and rehabilitation payouts, estimated in the U.S. alone in 2019 at about 1.8 billion dollar. Bullying can be covert or overt. It might be known by many throughout the organization but may be missed by the senior executives who tackle those cases only when they become costly. Like other organizational phenomena, bullying also can be analyzed and traced through employee’s behavior. bullying also can be analyzed and traced through employee’s digital behavior.
Workplace sexual harassment is defined as “unwelcome sexual advances, requests for sexual favors, and other verbal or physical conduct of a sexual nature, when this conduct explicitly or implicitly affects an individual’s employment, unreasonably interferes with an individual’s work performance, or creates an intimidating, hostile or offensive work environment” (The United States’ Equal Employment Opportunity Commission – EEOC).
Throughout the United States workplace, 79% of sexual harassment victims are women and 21% are men. Out of those numbers, 51% were harassed by a supervisor. Though sexual harassment happens in most professions, business, trade, banking, and finance are the biggest industries where sexual harassment occurs. In 2017 the Me Too movement swept through the world and brought a fresh focus on sexual harassment in workplaces. It was followed by increasing awareness and confidence of victims, to file charges against sexual harassers. In many cases, both the harasser and the victim are forced or choose to leave the organization.
The estimated cost of sexual harassment for U.S. businesses in 2019 (including legal fees, settlement payouts, decreased productivity, increased employees turnover, and reputational harm) is approximately 575 million dollar. Sexual Harassment can also be analyzed and traced through employee’s behavior.
The relationship between employees and employers is changing in our time. A manager who expects a twentieth-century concept of loyalty in the twenty-first century may be surprised when workers express a sense of entitlement, ask for a raise after six months, or leave for a new job after twelve months.
Millennials are three times more likely than older generations to change jobs. About nine in ten millennials say they do not expect to stay with their current job longer than three years. Rather than trying to build up seniority within a company, switching workplace is perceived today as a faster way for employees to improve their salaries.
No wonder that head hunting and talent poaching are in rise. 25% of U.S. businesses are experiencing an increase in talent poaching at the C-suite level. HR managers are doing their best to retain the organization best talents, but in many cases it is too late. Once decision was made it is almost impossible to turn the clock backwards. Retention proposal can be effective at the starting point of the process. Usually there are warning signs that indicate that the employee is in a search mode or is being poached. The cost of ignoring those signs is high. HR researches indicate that average time hiring an open position is 42 days and recruitment cost can get to 30 thousand dollar per person.
Retaining the customer’s satisfaction requires talented frontline employees. Those employees in many cases are the face of the company. They develop personal relationship with customer individuals and key persons. They are trusted, appreciated and embraced. They are in no doubt an invaluable asset to the company….until they decide to leave, whether to a competitor or to establish their own business.
Company attorneys should always add a non-solicitation clause to employee’s contract. This clause should deter the departure employees to attempt to lure customers and take them to their new boss or their own new business. But the issue of solicitation is blurred and has many grey areas, which can be easily exploited by a manipulator employee. It can be just a “coincidental” bumping into a former client in the supermarket, a generic social media message or even a friendly BBQ party. As long as the former employee is not inviting explicitly the customers to work with him/her, it cannot be considered as a violation of the contract. The same goes if officially it’s the customer who asks the former employee to take the job. Only a non-competition clause might help, but courts are not tending today to enforce this kind of clause.
With the growing share of millenials in workforce, the risk of employees walking out the door and taking clients with them is significantly increasing. Warning signs that show too close relationship between an employee and a client can be detected and the damage can be avoided.