Is Overseas IT Talent Leaving Your Organisation Exposed?
Snapshot
- The increasing reliance on information technology (IT) talent and subcontractors from abroad introduces significant cybersecurity risks to organisations.
- By leveraging robust cyber insurance coverage, due diligence and continuous monitoring of remote workers, organisations can mitigate these risks.
The rise in hiring remote Information Technology (IT) talent and subcontractors based overseas is driven by factors such as the availability of local talent, cost considerations, and access to global IT talent pools. While organisations in the Technology sector are at the forefront of this trend, other sectors are also increasingly hiring remote IT personnel from other countries.
Over the last 12 months, there has been an increase in malicious activity in the Technology sector stemming from operational technology and ICT supply chain vulnerabilities, as well as issues related to remote privilege access.[1] The security weaknesses and additional complexities potentially introduced through overseas IT hiring could be exploited by organised cybercrime groups and nation state-backed actors.[2] These entities are using this opportunity to infiltrate and exploit organisations for financial gain and intelligence gathering.
In addition to cybersecurity risks, organisations could also be unknowingly exposed to sanctions violations from hiring overseas-based remote IT personnel.[3] As revenue from the offshoring of technology talent is expected to grow by 6% in 2025,[4] it is fundamental for businesses to manage their evolving threat landscape and to understand where they may be exposed.
How Your Organisation Can Prepare
Australia is seen by cyber criminals as one of the key targets, and we anticipate that insurers will be scrutinizing this area by asking additional questions.[5] To help manage this exposure, work with your Cyber Specialist broker to demonstrate how your organisation is handling this risk, including initial due diligence and ongoing monitoring of remote IT workers and overseas hiring agencies.
Additionally, Aon strongly recommends reviewing your coverage with your Cyber broker to ensure that breaches or incidents originating from your organisation’s outsourced providers are still covered by your own cyber policy.
Key Takeaway
To mitigate the risks associated with hiring overseas IT talent, ensure thorough due diligence and continuous monitoring of remote workers and hiring agencies. Review your cyber insurance coverage to confirm that it includes incidents involving outsourced providers. Working closely with a Cyber Specialist broker can help you navigate these challenges and protect your organisation from potential threats.
Aon’s Financial Services Group is a leader in designing bespoke professional liability solutions, including Cyber and Technology Liability. For further insights and to discuss whether your existing insurance program is adequate, contact Aon today.
References
[1] Annual Cyber Threat Report 2023-2024 | Cyber.gov.au; Remote access to operational technology environments | Cyber.gov.au; Thank You | 2025 Global Threat Report
[2] How a North Korean Fake IT Worker Tried to Infiltrate Us
[3] Advisory on Democratic People’s Republic of Korea (DPRK) information technology (IT) workers
[4] IT Outsourcing – Australia | Statista Market Forecast
[5] Annual Cyber Threat Report 2023-2024 | Cyber.gov.au
