lolloj - Fotolia

Vaizey launches cyber security learning tool for HR professionals

The government and the CIPD have launched a free e-learning module to help HR professionals protect sensitive HR data and educate the wider workforce about cyber security

The government and HR professionals’ organisation the CIPD have joined forces to tackle cyber security in the workplace.

Digitial economy minister Ed Vaizey has officially launched an e-learning tool, saying it will help HR professionals tackle cyber threats and help keep UK citizens and businesses safe in cyber space.

The free e-learning module aims to help HR professionals protect themselves and sensitive HR data, help educate the wider workforce on the risks and individuals’ role in preventing them, and explain to staff how a culture of care can protect the whole business.

The initiative is part of a wider partnership between the government, HR professionals and information security professionals to promote the importance of cyber security at work.

The partnership is based on the belief that HR has a critical role to play in mitigating the competence and behavioural risks present in the workplace.

Government figures released in 2015 showed that the costs associated with the most severe online breaches start at £1.4m for large businesses – up from £600,000 in 2014 – and can reach £310,000 for small businesses – up from £115,000 in 2014.

The research showed that most breaches are staff-related, resulting from employees’ inadvertent use of technology through not understanding risks, mistakes or lack of compliance to organisational policies.

This finding highlights the need for a stronger connections between the HR, IT and security communities to focus on what is increasingly seen as one of the most significant and growing risks facing organisations of all kinds.

Vaizey highlighted HR professionals’ key role to educate staff on cyber security and ensure companies have the right policies and practices in place to safeguard organisations’ knowledge and sensitive data.

“HR professionals handle sensitive personal data, so it is crucial that they are able to protect this properly,” he said. “They are also responsible for recruiting, managing and developing the workforce in most organisations, so are in the perfect position to help colleagues understand cyber security.”

The CIPD’s latest HR Outlook report shows that while 46% of non-HR leaders include risks to cyber security of one form or another among their top three technology-related issues, only 38% of HR leaders do so.

To address this, the CIPD has been engaging with a number of communities and organisations, including the government, the Centre for the Protection of National Infrastructure (CPNI) and influential groups such as the Security Awareness Special Interest Group to promote greater awareness and understanding.

CIPD chief executive Peter Cheese said organisations need to think much more broadly and consider how they are equipping their employees with the knowledge and understanding they need to help protect their organisation and its data.

“Understanding behavioural risk may lead to greater use of technology to monitor people and their actions at work, but it is important that we balance that with the right ethical considerations and trust and empowerment of employees,” he said.

“We also need to look at the cultures and systems in place that can lead people to make mistakes that expose organisations to risks, whether it is a long-hours culture or people simply not having the tools to do their jobs properly.”

The Cyber Security for HR Professionals e-learning tool is funded by the government’s National Cyber Security Programme. ...............................

Read more on Hackers and cybercrime prevention