Skip to Main Content

As the number of cyberattacks on company computer systems continues to rise, experts say human resource departments should play a role in preventing these breaches. New hires are typically required to undergo HR-facilitated cybersecurity training during their first few weeks on the job, but a single onboarding training session is no longer sufficient, experts say. A minor mistake by an unsuspecting employee is often at the center of a major security breach, according to Jon Gossels, president and CEO of SystemExperts, an IT compliance and security consulting services company. He says that the “fundamental problem” is that many employers still do not view cybersecurity as an HR issue, and too many place the burden on IT departments rather than recognizing cybersecurity as a business-wide problem. “It’s the human side of things that inevitably breaks down,” he says. Having a strong employee training program in place can help prevent a cyberattack, Gossels adds. In addition, experts say that HR should emphasize teaching employees about cybersecurity year round. For example, some companies send out fake phishing emails to employees once every several months. If an employee clicks on the link in the fake email, they will be guided through a training program. Another step HR leaders can regularly take to help mitigate the risk of cyberattacks is to remind employees to change their passwords.

Read the full story on