Data Security & Privacy: Managing the Human Element of Cybersecurity: an Employee Lifecycle Control Structure (July 2017)

Cybersecurity threats are not limited to only cyberspace; a human component exists that must be mitigated. What division of a firm’s organization understands its employees better than Human Resources (“HR”)?

HR has the skills necessary to detect and control two potential insider threats to an organization’s cybersecurity.  First, the well-intentioned employee who makes a mistake
(e.g., sending confidential information to a personal email address rather than a work-related email address). Second, a disgruntled employee who has ill will towards the organization (e.g., a former employee who was recently fired and seeks retaliation).

Employees need to be acutely aware of the organization’s cybersecurity policies and procedures, trained in the proper application of the policies and procedures, and understand (and accept) their personal responsibilities and accountabilities. This alert provides an employee lifecycle control structure that HR professionals can implement to improve cybersecurity within their organization.  Read more...