HACKING

Computer attacks in the Human Resources department

ataque informático

As we know, cybersecurity comprises technologies, processes, and controls that are designed to protect systems, networks, and data from cyber-attacks.

This is an interesting issue for all companies and mainly for the Human Resources department. Cause these departments save important information, with a high level of privacy. The files contain data, payroll systems, wages, bank accounts, among others. Because of an increase of cyber-attacks, companies are wanting to employ experts to counter these events.

Currently, the most demanded professional profiles are talents with experience in information systems, telecommunications or computers with technological and digital skills.

Human resources department a hot target for cyber attacks

The companies should implement strategies for engaging employees with a cyber security department. With the objective to raise awareness among employees to avoid the bad management information.

The staff selection process faces a problem to employing people for the cybersecurity department. Since there is a great demand of profiles and a poor supply of candidates. Companies requires many people with specialized expertise, in most cases businesses often have difficulties to find the ideal candidate with the necessary skills in accordance with the salaries expectations. An example of this, is the report Cyber ​​Security Talent: The Big Gap in CyberProtection, shows the deficiency in Cybersecurity competencies.

To address this problematic the human resources department should be more proactively and involved in the processes and decision making in the field of Cybersecurity.

Some objectives that consider Human Resources department

  1. Involved with the Cybersecurity department. Know the risk that runs in the face of a threat or a cyber-attack. to raise awareness employees about cybersecurity and to incorporate the security information in the company.

  2. Define strategies of employee selection that are oriented to the needs required by cybersecurity department. Define competencies that require these profiles. Make selection test in time. Establish privacy controls, when signing contracts or giving personal information of the employee.

  3. Carry out training plans and courses on cybersecurity.

  4. Achieve talent loyalty, through growth opportunities, professional development in cybersecurity, good work environment, involve the employee in projects and decision making of the company, offering not only good salary conditions but a good emotional salary supplement.

  5. To guarantee that former employees, suppliers or people outside the company do not have access to corporate networks.

For Human Resources it will be a complex challenge to address the world of cybersecurity. The main asset of the companies is the talent that works for them. Human Resources must offer protection to all its employees. This is the reason why we must remember that you must always work aligned with IT management to achieve or maintain information security.

Tamara Medina | Human Resources Consultant in  R3 Cybersecurity