Should Your HR Department Be Concerned About Cyber Security?
Discussions surrounding cybersecurity have reached critical levels both in Australia and around the world. With businesses and individuals alike reporting numerous attacks, there seems to be a good cause for concern.
However, how does the threat of information breaches affect the HR department in particular and what measures can be taken to alleviate the risks associated with cybercrime?
Australian businesses at risk
In our home country, there are many factors that have raised the level of concern for businesses. A 2015 threat report released by the Australian Cyber Security Centre revealed that the Australian Signals Directorate responded to 1,131 incidents in 2014. This figure has been on the rise since 2010 and increased by 20 per cent compared to the previous year.
The report defined a cybersecurity incident as “any activity that may threaten the security of a system or its information”. These can include malware attacks, denial of service and trojan horses.
In 2014, a case known as Zeus Gameover brought the latter threat back into the spotlight. In the United states, this virus affected over 1 million computers and accounted for a loss of approximately $10 million. The application was able to obtain bank details from victims through “keylogging and “form grabbing”.
With these factors in mind, it is important to select HR management software that is able to withstand cyberthreats. As HR must deal with sensitive employee data, cybersecurity in this department becomes a key priority.
HR a particular vulnerability to firms
According to a survey conducted by internet security provider Clearswift, HR is a particular concern when it comes to data security. Out of the professionals surveyed, 43 per cent named this particular department as the most likely to cause a security breach, second only to finance.
There are two critical concerns that cause HR to be ranked so highly. First is the fact that this sector deals with particularly sensitive data in the form of employee information. These databases can be a prime target for thieves or even accidental leaks that involve sending information to the wrong person.
Another factor that was attributed to the high risk was a lack of understanding of the consequences of a breach. While senior staff were informed and juniors did not usually handle critical data, middle managers occupied a dangerous balance between “having access to the data but no obvious stake in the consequences of losing it”, according to Heath Davies, chief executive at Clearswift.
When it comes to upskilling your staff, HR consulting can help educate workers at all levels of the business about correct cybersecurity measures. For middle managers, this requires a particular focus on how data breaches can personally affect them and the negative consequences of complacency or neglect.
Addressing issues in the IoT
Interconnectivity has provided plenty of benefit to businesses yet this development has also presented a growing risk for cybersecurity. In order to fully address these concerns, a business must consider the effect of the Internet of Things on the day-to-day functions, according to Ganesh Ramamoorthy, research vice president at Gartner.
“The IoT redefines security by expanding the scope of responsibility into new platforms, services and directions,” he said.
“Moving forward, enterprises should consider reshaping IT or cybersecurity strategies to incorporate known digital business goals and seek participation in digital business strategy and planning.”
As workers increasingly use various devices to work and the internet extends to a whole new range of products, HR managers must consider security not just on traditional computers, but other channels as well.
Businesses may need HRIS software to keep track of resources within a department. Ensuring security across all your systems is becoming all the more urgent as cybercrime threats continue to evolve and develop.