Threat Intelligence Blog

Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.

Black Arrow Admin Black Arrow Admin

The Role of HR in Cyber Security - Cyber Tip Tuesday video

In this week's Tip Tuesday, Bruce looks at the role of HR in Cyber Security. Cyber Security, and the wider field of Information Security, require a combination of technical controls and people controls to reduce risk. HR has a major role in both. This is more than education and awareness programmes. It's about ensuring the leadership team demonstrate consistently good practices, because employees watch what their leaders do and will follow their behaviours more than their words. HR should also work with managers to drive an appropriate conduct management for employees who deliberately circumvent or disregard cyber security controls. It am not talking about punishing honest mistakes, because it is important to foster a culture where employees quickly admit mistakes. I am talking here about employees who do things like repeatedly sharing passwords, or leaving their computer screen unlocked, or leaving confidential papers on their desk overnight. Or worse, an employee who abuses their system access privileges or makes fraudulent transactions. Contact us to see how people controls and technical controls fit together as part of your defence in depth

In this week's Tip Tuesday, Bruce looks at the role of HR in Cyber Security.

Cyber Security, and the wider field of Information Security, require a combination of technical controls and people controls to reduce risk. HR has a major role in both.

This is more than education and awareness programmes.

It's about ensuring the leadership team demonstrate consistently good practices, because employees watch what their leaders do and will follow their behaviours more than their words.

HR should also work with managers to drive an appropriate conduct management for employees who deliberately circumvent or disregard cyber security controls.

It am not talking about punishing honest mistakes, because it is important to foster a culture where employees quickly admit mistakes.

I am talking here about employees who do things like repeatedly sharing passwords, or leaving their computer screen unlocked, or leaving confidential papers on their desk overnight. Or worse, an employee who abuses their system access privileges or makes fraudulent transactions.

Contact us to see how people controls and technical controls fit together as part of your defence in depth.

Read More