{"id":35084,"date":"2020-05-20T19:40:00","date_gmt":"2020-05-20T19:40:00","guid":{"rendered":"https:\/\/www.darkreading.com\/risk\/60--of-insider-threats-involve-employees-planning-to-leave\/d\/d-id\/1337876"},"modified":"2020-05-20T19:40:00","modified_gmt":"2020-05-20T19:40:00","slug":"60-of-insider-threats-involve-employees-planning-to-leave","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/","title":{"rendered":"60% of Insider Threats Involve Employees Planning to Leave"},"content":{"rendered":"<header>\n<\/header>\n<p><span class=\"strong black\">Researchers shows most &#8220;flight-risk&#8221; employees planning to leave an organization tend to start stealing data two to eight weeks before they go.<\/span> <\/p>\n<p class>More than 80% of employees planning to leave an organization bring its data with them. These &#8220;flight-risk&#8221; individuals were involved in roughly 60% of insider threats analyzed in a new study.<\/p>\n<p>Researchers analyzed more than 300 confirmed incidents as part of the &#8220;2020 Securonix Insider Threat Report.&#8221; They found most insider threats involve exfiltration of sensitive data (62%), though others include privilege misuse (19%), data aggregation (9.5%), and infrastructure sabotage (5.1%). Employees planning an exit start to show so-called flight-risk behavior between two weeks and two months ahead of their last day, the researchers discovered.<\/p>\n<p>Most people who exfiltrate sensitive information do so over email, a pattern detected in nearly 44% of cases. The next most-popular method is uploading the information to cloud storage websites (16%), a technique growing popular as more organizations rely on cloud collaboration software such as Box and Dropbox. Employees are also known to steal corporate information using data downloads (10.7%), unauthorized removable devices (8.9%), and data snooping through SharePoint (8%).<\/p>\n<p>Today&#8217;s insider threats look different from those a few years ago, says Shareth Ben, director of Insider Threat and Cyber Threat Analytics with Securonix. Cloud tools have made it easier for employees to share files with non-business accounts, creating a challenge for security teams.<\/p>\n<p>&#8220;The issue with these cloud collaboration tools, from a data leakage standpoint, is the IT admins and security operations teams don&#8217;t have much visibility into what happens with respect to how users share the data,&#8221; Ben explains. Most companies have adopted the cloud, or are in the process of adopting the cloud, because it&#8217;s a business priority \u2014 but security is often <a href=\"https:\/\/www.darkreading.com\/cloud\/as-businesses-rush-to-the-cloud-security-teams-struggle-to-keep-up\/d\/d-id\/1337832\" target=\"_blank\" rel=\"noopener noreferrer\">left behind<\/a>.<\/p>\n<p>IT security operations teams, especially at large businesses, struggle to draw conclusions from insider threats due to lack of, or differences between, policies and procedures from each line of business, the report states. Tools to detect data aggregation often lag behind, mostly because businesses have trouble classifying data considered sensitive when it&#8217;s spread across networks. As more companies trust their employees to do the right thing while using cloud applications, it gets tougher to figure out when someone has gone rogue.<\/p>\n<p>&#8220;It&#8217;s becoming more and more difficult to differentiate the abnormal from the normal,&#8221; Ben explains. He offers some additional insight on how to detect suspicious employee activity.<\/p>\n<p><strong>Spotting Red Flags<\/strong><br \/>There are two ways to detect flight risk, Ben says. In the first stage, companies can look for increased instances of an employee trying to access certain websites. Their browsing activity will include more time on job search websites; they may email a resume to external parties. If the employee in question is an administrator, &#8220;that&#8217;s even more alarming,&#8221; Ben continues. He cites instances in which someone tries to access certain administrative accounts or SharePoint sites. This kind of behavior isn&#8217;t necessarily bad, he notes, but it does prompt a closer look.<\/p>\n<p>In the second stage of detecting a flight risk, the people who exhibit the initial behavior start to move information considered sensitive via email, collaboration tools, or USB. The use of USB devices has continued to decline for two primary reasons: More organizations have begun to either block or restrict USB usage, and employees are growing more reliant on cloud-based tools. Ben also notes that emails to an individual account are typically more suspicious than emails to several people. It&#8217;s unlikely an insider would involve a group in a data exfiltration scheme.<\/p>\n<p>With respect to privileged account misuse, <a href=\"https:\/\/www.securonix.com\/resources\/insider-threat-report-may-2020\/\" target=\"_blank\" rel=\"noopener noreferrer\">researchers noticed<\/a> specific behaviors that could lead to an insider threat. These include circumvention of IT controls (24.3%), geolocation anomaly (18.9%), rare audit log tampering and suspicious command executed (16.2%), account sharing (13.5%), authentication anomaly (10.8%), and self-escalation of privileges (8.1%).<\/p>\n<p>While Ben says the type of data exfiltrated varies by organization, most employees planning to leave a company take things they worked on. Someone who spent most of their time on a project may feel entitled to it; however, their employer may feel differently. Most people try to exfiltrate Microsoft Office files, he notes. Source code is another common type of stolen data.<\/p>\n<p>Target data also varies depending on industry vertical. In pharmaceuticals and life sciences, where 28.3% of incidents took place, insiders may target valuable intellectual property. In financial services, the second-largest hotspot for insider threats at 27.7%, rogue insiders may find value in stealing personally identifiable information or banking data. The Verizon &#8220;2020 Data Breach Investigations Report&#8221; <a href=\"https:\/\/www.darkreading.com\/application-security\/web-application-attacks-double-from-2019-verizon-dbir\/d\/d-id\/1337860\" target=\"_blank\" rel=\"noopener noreferrer\">discovered<\/a> 35% of attacks on financial and insurance organizations involved internal actors.<\/p>\n<p>&#8220;The bigger the brand, the larger the corporation, the more they have to lose, the larger the risk exposure,&#8221; Ben says. Most Fortune 500 companies have a dedicated insider threat group focused on mitigating the organization&#8217;s risk. Smaller and midsize companies want to have the same but lack the budget. Other priorities, such as installing the right security tools, come first.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<div><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUALSUMMIT_DR20_320x50.jpg\" alt width=\"450\" height=\"70\"><\/div>\n<div><em><strong><strong>Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that &#8220;really&nbsp;<\/strong><strong>&nbsp;bad day&#8221; in cybersecurity. Click for<\/strong><strong>&nbsp;<a href=\"https:\/\/events.darkreading.com\/virtualsummit\/\" target=\"_blank\" rel=\"noopener noreferrer\">more information and to register<\/a>.&nbsp;<\/strong><\/strong><\/em><\/div>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span> <\/p>\n<p><strong>Recommended Reading:<\/strong><\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/risk\/60--of-insider-threats-involve-employees-planning-to-leave\/d\/d-id\/1337876?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers shows most &#8220;flight-risk&#8221; employees planning to leave an organization tend to start stealing data two to eight weeks before they go. Read More <a href=\"https:\/\/www.darkreading.com\/risk\/60--of-insider-threats-involve-employees-planning-to-leave\/d\/d-id\/1337876?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-35084","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>60% of Insider Threats Involve Employees Planning to Leave 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"60% of Insider Threats Involve Employees Planning to Leave 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-20T19:40:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUALSUMMIT_DR20_320x50.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"60% of Insider Threats Involve Employees Planning to Leave\",\"datePublished\":\"2020-05-20T19:40:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/\"},\"wordCount\":909,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUALSUMMIT_DR20_320x50.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/\",\"name\":\"60% of Insider Threats Involve Employees Planning to Leave 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUALSUMMIT_DR20_320x50.jpg\",\"datePublished\":\"2020-05-20T19:40:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUALSUMMIT_DR20_320x50.jpg\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUALSUMMIT_DR20_320x50.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/60-of-insider-threats-involve-employees-planning-to-leave\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"60% of Insider Threats Involve Employees Planning to Leave\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"60% of Insider Threats Involve Employees Planning to Leave 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/","og_locale":"en_US","og_type":"article","og_title":"60% of Insider Threats Involve Employees Planning to Leave 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-05-20T19:40:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUALSUMMIT_DR20_320x50.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"60% of Insider Threats Involve Employees Planning to Leave","datePublished":"2020-05-20T19:40:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/"},"wordCount":909,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUALSUMMIT_DR20_320x50.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/","url":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/","name":"60% of Insider Threats Involve Employees Planning to Leave 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUALSUMMIT_DR20_320x50.jpg","datePublished":"2020-05-20T19:40:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUALSUMMIT_DR20_320x50.jpg","contentUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUALSUMMIT_DR20_320x50.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/60-of-insider-threats-involve-employees-planning-to-leave\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"60% of Insider Threats Involve Employees Planning to Leave"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35084","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=35084"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35084\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=35084"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=35084"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=35084"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}