The Government and the CIPD are collaborating in a fresh drive to tackle the threat of cyber security in the workplace.
At an event (held on 4 February) to launch a new e-learning tool to help the HR profession mitigate cyber threats, Ed Vaizey, minister for culture and the digital economy, said: “HR professionals handle sensitive personal data so it’s crucial they are able to protect this properly.”
The move follows a number of high-profile data breaches including last year’s cyber attack on the US Office of Personnel Management where as many as four million government employee records were compromised.
Vaizy continued: “[HR professionals] are also responsible for recruiting, managing and developing the workforce in most organisations, so are in the perfect position to help colleagues understand cyber security.
“The new e-learning module we’re launching with the CIPD will help the HR profession tackle cyber threats and help keep our citizens and businesses safe in cyber space.”
The free online course – Cyber Security for HR professionals – is part of a wider partnership between the Government, senior HR professionals, information and cyber security professionals, and key influencers to promote the importance of cyber security at work, as well as the critical role that HR has to play in mitigating the competency and behavioural risks present in the workplace.
Government research has shown that most breaches are staff related as a result of employees’ inadvertent use of technology, through either not understanding risks, mistakes or lack of compliance to organisational policies.
Cyber Security for HR Professionals is funded by the National Cyber Security Programme, which aims to improve cyber security skills and make the UK a safer place to do business online.
The e-learning module aims to help HR professionals protect themselves and sensitive HR data, help educate the wider workforce on the risks and individuals’ role in preventing them, and explain to staff how a culture of care can protect the business as a whole.
CIPD chief executive Peter Cheese said: “Risk is fundamentally down to how people make decisions and judgements and, while most people won’t do this with malicious intent, businesses can still be left exposed.
“More secure technology, of course, is part of the solution, but organisations need to think much more broadly and consider how they are equipping their employees with the knowledge and understanding they need to help to protect their organisation and its data.”
He added that HR needs to look at the cultures and systems in place that can lead people to make mistakes that expose organisations to risks, whether this is through a long-hours culture or a lack of tools for staff to do their jobs properly.