Our Take
HR and security operate in silos by design, but the window for preventing a crisis closes fastest during the separation meeting itself—a gap that requires advance coordination, not after-the-fact incident response.
Why it matters
With layoffs expected to continue through 2026, HR teams will conduct more involuntary separations than many practitioners have managed in their careers. The risk factors for insider threats (financial strain, loss of identity, isolation, perceived betrayal) overlap precisely with those that predict self-harm—meaning workplace safety and employee wellness are the same problem.
Do this week
HR leadership: audit your separation meeting protocol with your security team this month and agree on three specific trigger conditions that require a pre-meeting debrief before any termination conversation happens.
HR sees the warning signs but doesn't report them
Over 1,600 companies announced mass reductions since January 2024. HR professionals routinely encounter the observable steps that precede insider threats: the finance manager mentioning bankruptcy during a benefits call, the high-performing employee fixating on perceived injustices, the colleague isolating after personal crisis. Yet almost none of these observations reach security.
Threat assessment researchers use a model called the "pathway to violence," which shows that no one moves from employee to insider threat in a single day. There are visible waypoints along that path. HR occupies the room for those conversations more reliably than any other function in the organization.
The barrier is not HR incompetence. A security representative once swept a conference room before a scheduled separation and found a large knife left over from an employee's birthday celebration earlier that day. HR had not noticed it. That gap in perspective reflects different training, different reporting chains, and different professional vocabulary—not different intent.
The separation meeting is where prevention becomes impossible
Organizations often design termination meetings for speed, assuming velocity limits exposure. The opposite is true. In a few minutes, that conversation strips away income, health insurance, professional identity, daily routine, and social belonging from someone who may already resent the organization or be navigating a personal crisis. Speed compounds risk rather than containing it.
The weeks immediately following a termination carry the highest vulnerability. Departed employees become alumni of the organization, and how they remember that final conversation shapes whether they move on quietly, speak bitterly, or in rare cases become a genuine safety concern. Remaining staff also draw conclusions from how the company treated someone on their worst professional day.
Empathy backed by concrete action—resumé help, extended health coverage, outplacement support, genuine listening—gives a departing employee reason to see the experience as painful but survivable. A meeting that feels rushed or adversarial adds another grievance to a pile that may already be dangerously tall.
Build the partnership before the crisis forces it
HR and security should debrief together after high-risk separations and coordinate on monitoring concerning post-departure communications. That coordination must begin before the next round of notices goes out, not after a security incident occurs.
Many organizations treat threat assessment as security's responsibility alone. When HR treats it the same way, no one intervenes early enough. By the time security receives a referral, the window for a supportive, low-stakes conversation with a struggling employee has closed.
HR need not become a security function. It simply needs to share what it already observes with people trained to interpret those observations through a safety lens. In many organizations, HR holds more influence with the C-suite than security does. If HR leaders claim this responsibility as their own, they can drive the cross-departmental coordination and funding that have historically lost out to competing priorities.