The free online course ‘Cyber Security for HR professionals’ is part of a wider partnership between the Government, senior HR professionals, information and cyber security professionals and key influencers to promote the importance of cyber security at work, as well as the critical role that HR has to play in mitigating the competency and behavioural risks present in the workplace.
Government figures released last year indicated that the costs associated with the most severe online breaches now start at £1.46 million for large businesses, up from £600,000 in 2014, and can reach up to £310,000 for small businesses, up from £115,000 in 2014. The research also showed that most breaches are staff related as a result of employees’ inadvertent use of technology, through either not understanding risks, mistakes or lack of compliance to organisational policies. This calls out the need for a stronger engagement and connections between the HR, IT and security communities to focus on what is increasingly seen as one of the most significant and growing risks organisations of all kinds face.
Attendees at the event heard from Ed Vaizey MP, Minister for Culture and the Digital Economy, Peter Cheese, CEO CIPD and Adam Honor, Group Director of Security at Dyson, on the growing risks that cyber security presents. Together they highlighted the key role that HR professionals have to educate employees on cyber security and ensure that companies have the right policies and practices in place to safeguard organisations’ knowledge and sensitive data.
Minister for Culture and the Digital Economy, Ed Vaizey, said: "HR professionals handle sensitive personal data so it's crucial they are able to protect this properly. They are also responsible for recruiting, managing and developing the workforce in most organisations, so are in the perfect position to help colleagues understand cyber security. The new e-learning module we're launching with the CIPD will help the HR profession tackle cyber threats and help keep our citizens and businesses safe in cyber space."
The CIPD’s latest HR Outlook report highlights how nearly half of non-HR leaders (46%) and two-fifths of HR leaders (38%) include risks to cyber security of one form or another among their top three technology-related issues. To address this, the CIPD has been engaging with a number of communities and organisations including the Government, CPNI and influential groups like SASIG on the issue to promote greater awareness and understanding.
The ‘Cyber Security for HR Professionals’ module is funded by the Government’s National Cyber Security Programme which aims to improve cyber security skills and make the UK the safest place to do business online. The free e-learning module aims to help HR professionals protect themselves and sensitive HR data, help educate the wider workforce on the risks and individuals’ role in preventing them, and explain to staff how a culture of care can protect the business as a whole.
Peter Cheese, CIPD chief executive, said: “Risk is fundamentally down to how people make decisions and judgements and, while most people won’t do this with malicious intent, businesses can still be left exposed. More secure technology, of course, is part of the solution, but organisations need to think much more broadly and consider how they are equipping their employees with the knowledge and understanding they need to help to protect their organisation and its data. Understanding behavioural risk may lead to greater use of technology to monitor people and their actions at work, but it’s important that we balance that with the right ethical considerations and trust and empowerment of employees. We also need to look at the cultures and systems in place that can lead people to make mistakes that expose organisations to risks, whether this is a long-hours culture or people simply not having the tools to do their jobs properly.
“We’re very pleased to be working with the Department for Culture, Media and Sport on this important agenda which will only continue to grow in significance as the workplace grows ever-more digitised.”