The annualized inflation rate in the US recently accelerated to 9.1%, representing the highest rate since November of 1981. While this is bad news for a lot of people and business organizations, two aspects have received little attention: inflation can hurt a company’s cyber security efforts; and the price jumps could signal a change for the broader technology industry that could present challenges and threats.
This is because, in a time of inflation, security vendors may become more aggressive about their own fees.
In one case, an eMazzanti Technologies Fortune 100 client saw a security tool vendor — which had granted a customer discount to the firm for more a decade — yank the preference under a “change in program” clause. Because the security tool was embedded in its security stack, our client had to accept the new pricing. It was not the first case we saw, and it will not likely be the last.
However, there may be ways to blunt the impact. When a longtime security tool supplier advised us of a significant pricing jump — which we would normally pass on to customers — we instead started a dialogue about “skinnying down” the features, without compromising security, as a way to mitigate the increase to the point where we could “eat” the increase and leave our clients’ costs unchanged.
Will we be able to continue to absorb those costs?
A lot will depend on what happens during the next year or so. Technology companies profit by introducing new, innovative products, but recent bouts of inflation this year threaten to upend a 20-year trend of competitive pricing that enabled technology’s benefits to outweigh the associated costs. If inflation continues to rage, technology customers may push back in Year Two and, instead of evaluating new tools, they may instead demand discounts in order to align their costs with their budgets.
We are already seeing the effects play out in the hiring landscape, as major companies like Apple, Google, and Facebook parent Meta pause their job growth and reportedly rescind some job offers. This could lead to job cuts for mid-level technology managers — who earn annual salaries of $150,000 or more with average of 10% salary increases —as companies shift their focus to bringing on new, less-experienced hires at significantly lower salaries.
That cost-cutting strategy, however, may expose a company to new risks, because when highly educated and experienced people cannot get a job with the good guys they may join the bad guys in order to put food on the table. That is a significant external threat, but it is even more of a problem if a company hires someone who has gone over to “the other side,” since they are now an internal threat and are positioned to do even more harm.
Similar to the way that we suggest taking a layered approach to cyber security, companies may wish to advise their human resources department to take a layered approach to background checks on new hires, and even on existing personnel. These background checks should go beyond the standard criminal history investigation — which may be limited by state or local regulations, anyway — and include a credit report that can highlight potential red flags. A new hire who was taken on at a significantly lower salary — compared to his or her previous job — for example, may represent a bargain in the eyes of the HR department. However, they can also represent a threat since deep debt or the threat of losing a home could drive a person to engage in unscrupulous actions, especially if they have access to sensitive data that might be valuable to unauthorized individuals or groups. It is not a certainty, and should not necessarily be a reason not to hire such a person, but such situations may warrant a higher level of scrutiny.
Other potential red flags that HR should be aware of include employees who routinely take unscheduled time off, or who chronically complain about commuting or other living costs. Collection or wage garnishment notices may be another indicator that an employee is living above his or her means, and may be at risk of engaging in hacking or other behavior that will net them much-needed cash while putting your organization at risk.
Businesses of all sizes are operating in uncertain times, and the addition of inflation introduces new variables that affect everything from operations to hiring. As with robust cyber security services, companies that remain aware of their environment and take timely steps to respond will be better positioned to continue to thrive.