People Inc. Articles

What can HR do to help combat Cyber Security threats?

Every modern-day business record and manage information on a daily basis as part of their business processes. In many cases there is a need to share information often electronically to make doing business more efficient and cost effective and this therefore opens up risks from Cyber Security threats.

The Cyber Security Breaches Survey 2017 conducted by the Government found that whilst 68% of large UK businesses had fallen victim to breaches of Cyber Security in the space of just 12 months, only 20% of business provided their staff with Cyber Security related training.

Protecting your business from Cybercrime is becoming increasingly important not least with the new GDPR legislation that comes into effect next year and whilst its vital that the technical side of the business are ‘cyber secure’, it’s not just about IT.


What are the common types of Cyber Security threats?

There are many different types of threats to an employee or organisations Cyber Security including Computer Viruses; Phishing; Ransomware; Spyware etc.

Breaches to Cyber Security can be quite sophisticated but many can be caused by something relatively simple and are often the result of human behaviour. For example:

  • Opening email attachments from unknown sources
  • Clicking on unknown ‘hyperlink’ on an email, social media site or website.
  • Carrying data on un-encrypted discs or USB’s
  • Unprotected laptops or tablet devices.


What can HR do to help combat Cyber Security threats?

HR have an important part to play in reducing the risks associated with Cyber Security. The top 3 things are:

  1. Educate Employees
  2. Starter/Leaver process
  3. Tracking of company IT equipment and log-ins


1. Educate Employees

One of the simplest ways of combating Cyber Security threats is to educate their employees on risks and preventative measures relating to cyber security. The recent ransomware attack that effected large parts of the NHS could have been caused by the opening of a ‘infected’ attachment or hyperlink on a malicious email by one or more NHS employees.

Cyber Security Training Courses Cyber Security Training Courses

Due to the constantly changing landscape of cyber security training needs to be constantly reviewed to ensure it is fresh and up to date.


2. Adhere to Starter/Leaver process

In addition to tracking Assets it is also important to ensure that processes are in place relating to New Starters and Leavers.

New Employees not only need to be provided with key equipment to perform their role, such as a computer, mobile phone etc but they also need access to email and the companies network.


Cyber Security - Starters and Leavers Ensure company equipment is returned when employees leave the organisation

When an employee’s leaves it is essential to ensure all equipment is returned and access to the company’s network (including access from other locations such as home) is revoked on the day of leaving, especially if the employee left under difficult circumstances.


3. Asset Tracking

In this day and age, employees are assigned a wide array of equipment in order to perform their role including computers, mobile phones, tablet devices and portable data storage to name but a few. Whilst the maintenance of these assets is typically the role of the IT department, HR can assist by tracking who has what equipment assigned to them.

Asset Register Screen within People Inc Asset Register Screen within People Inc


Additionally, it is important to provide IT with accurate details of what levels of access will be required for the employee in terms of accessing the companies network, for example what files they need to be able to view and edit as part of their role, or if they will be required to work away from the office and therefore require remote access to the companies network.


Contact Us

Further information can be found on our website If you require any support with People Inc. HR or Employee Self Service, please call 01242 663974 or email


Useful Links

A free online ‘course’ that looks at Cyber Security for HR Professionals can be found on the CIPD website

Cyber Security Survey can be found here