No business is safe from the menace of cybercrimes! Yes, you heard that right. Ransomware attacks, data breaches, identity thefts and what not, we hear these terms on a daily basis, which is indeed an alarming thing.
Though computing technology has transformed our lives significantly, it also unfortunately has served as a gateway for a number of cyber threats such as hacking, security breaches, data thefts, etc. Cyber attacks often are quite vicious leading to massive loss for a business irrespective of its size.
Now, the most troubling fact is that almost 50% of the employees including the ones that a business fires or lays off tend to steal confidential data after quitting the company.
What are the factors?
There may be various factors provoking an employee to commit a cyber crime against his/her company including revenge, financial distress, and upscale lifestyle needs, etc. Irrespective of the motive, a cyber attack can throw a business off the track in no time with damages beyond repair.
In addition, negligence on the part of employees too may lead to cyber breaches at a workplace. This is the reason a business ought to be on its toes when it comes to addressing the problem of cyber security not only from external threats, but also from potential cyber breaches that may occur within the company through its own employees.
Now when we talk about employees, the first thing to pop in our heads is human resources (HR), which is responsible for bridging the gap between a company and its employees.
Must read – Best articles on Cyber security
Can HR help?
Now since we are talking about how a company’s own people ploy most of the cyber attacks, the company’s IT crew and HR department can play a significant role to combat potential cyber or security threats. Simply put, the HR and IT ought to join hands. Further, HR personnel are the ones that deal data that is highly prone to attacks. Yes, HR often deal with sensitive and confidential data such as contact details, bank details, etc. This makes it imperative for HR people to have a comprehensive knowledge about safeguarding such data from potential security breaches and attacks by hackers.
Before deploying a preventative plan, it is advisable to identify cyber threats, underlying if any. Phishing is a fine example of most common cyber threat wherein the hacker tricks employees of a company to provide them with critical business data, often through email. These emails may contain malware or malicious virus that hackers can use anonymously to access sensitive business data. Other threats besides phishing include logging in from untrusted network when away from workplace and/or emailing sensitive data to anonymous recipients or sources.
Here are cherry-picked tips that you can take as preventive measures to deal with cyber threats and attacks:
As discussed above, HR certainly can play a pivotal role in mitigating cyber threats. Here’s how HR can be the superhero to tackle cyber-security for a business:
- First and foremost, HR can help the company’s IT team in devising as well as rolling out security guidelines and protocols to be followed across the organization. In addition, HR ought to ensure that these policies are being followed on regular basis through regular assessment.
- Here comes the soundest trick of all. Training employees on safe cyber practices and security policies. This is mandatory when it comes to newly hired employees. HR should make sure that such training becomes an integral aspect of on-boarding process where the new hires are instructed and advised to accessing and using sensitive business data followed by providing them with basic cyber security training and tips. This training should also entail email security practices and tips to identify malicious emails to all the employees. A workshop for employees on these should do the trick for you.
- Next, HR should ensure that a new hire does not possess any kind of confidential or sensitive data from his/her ex-employer.
- Most important of all, HR should close the accounts of ex-employees the moment they quit. Reason being: a majority of cyber security incidents occur when employees walk out of an organization. This is that goldfish moment.
- Lastly, HR people ought to accentuate more on disciplinary implications for employees, who fail or refute to comply by the cyber security protocols of the company.
While one cannot fully eradicate the menace of cyber threats, above mentioned information if practiced religiously by the HR and company can greatly help curb the risks.
The aim here is to stay proactive instead of being reacting when it actually happens only to regret. Understand that people are fallible and mistakes do happen. Nonetheless, having a prompt and vigilant HR department along with robust cyber security protocols is sure to help curb the risks largely.
Author bio: Anwar Shaikh writes about cyber security, AI, cloud technology, chatbots, business intelligence, analytics and all things enterprise technology. A self-made writer and Digital Marketing Manager, Anwar writes for Pocket HRMS, a leading provider of cloud based HR software with inbuilt AI chatbot (smHRty) for small and mid-sized businesses across India.