The human resources (HR) department is an integral part of an organization. They work with all departments with a wider reach than even IT. As a highly visible department, HR can support and improve an organization’s security posture through employee training. Their access to employees at the start of employment is an opportunity to lay a foundation for a culture of risk awareness. HR departments do not typically include cybersecurity risk awareness training with new hire onboarding, but it’s something to consider integrating to help improve overall security for the organization.
As the department responsible for maintaining an organization’s employee recruitment, hiring and retention programs, HR is often the first point of contact for future and current employees. This department reaches every employee through training and other employee-centered activities throughout an employee’s tenure; this makes them a valuable resource. At the current moment, cybersecurity training is often developed and distributed by IT and security operations departments alone. Instead, bringing HR departments into the process may help improve an organization’s security posture.
A Focus on Training and Retention
Human resources has long been responsible for administering regulatory compliance training. Increasingly, data privacy and security training programs are included, along with other mandated education instruction. Regulations that govern data acquisition, usage and storage are becoming increasingly complex. Companies that do business internationally have the added burden of complying with both domestic and international regulations.
The penalties for poor data protection, whether or not it leads to a data breach, can result in steep fines and legal action. Employee actions and attitudes toward data protection and security affect the company’s overall security. HR is often involved in enforcing company policies around data mi ..
Support the originator by clicking the read the rest link below.