Cracked Labs Exposes the Dark Side of Cybersecurity: Employee Privacy at Risk
A study by Cracked Labs has revealed that cybersecurity and compliance software often treats employees as threats, leading to the normalization of workplace surveillance. The report, “Employees as Risk,” examines SIEM (security information and event management) and UEBA (user and entity behavior analytics) systems from Microsoft and Forcepoint.
According to the research, which spanned from 2021 to early 2024, the widespread collection of workplace information turns employees into suspects without explicit cause. The boundaries between information security, corporate data protection, and fraud prevention are becoming increasingly blurred.
It is noteworthy that in 2023, Forcepoint sold a part of its business focused on behavioral analytics and risk management to TPG, which rebranded the division as Everfox. Representatives of Everfox declined to comment on the connection between the new software and Forcepoint’s previous developments.
The study aims to raise questions about the acceptable limits of workplace surveillance. It is crucial to understand which data and profiling are genuinely necessary and what measures are in place to prevent abuse.
Experts note that Microsoft Sentinel and Purview software, as well as Forcepoint Behavioral Analytics (now Everfox), can monitor virtually all employee actions and communications, including file handling, chats, messages, and even screen activity. These systems utilize AI to detect “anomalous” behavior and calculate risk scores for each employee. Moreover, the AI “learns” employees’ behavioral norms over time.
These technologies promise not only to detect incidents but also to prevent them before they occur, which makes the tools akin to predictive policing technologies. Forcepoint, for instance, suggests evaluating employees’ financial difficulties, productivity, and intentions to resign, as well as analyzing their communication and content for “negative” sentiments.
While companies are obliged to manage their employees and ensure security, the study emphasizes that excessive surveillance can undermine trust and lead to erroneous conclusions. Microsoft acknowledges that its systems may produce “false positives,” and thus offers tools for analyzing and verifying such cases.
Legal experts argue that employee monitoring raises serious privacy concerns and may violate human rights. They point out that current legal frameworks may be insufficient to protect workers from such technologies. In the United States, there is growing attention to workplace surveillance, especially in the context of rights protection. Experts warn that such technologies could be used to predict and suppress union activities, raising significant concerns.