HR’s role in cybersecurity and insider threat mitigation
This article is authored by Janet Paul, director, human resources, Securonix.
The cybersecurity and insider threat landscape has drastically evolved in recent years. This shifting landscape, dominated by increasingly sophisticated attacks and evolving cyber threats, necessitates a holistic approach to security that calls for more than just technical solutions. The responsibility of protecting critical organisational assets (both digital and physical) from various cybersecurity and security threats does not lie solely with chief information and security officers (CISOs) and chief security officers (CSOs). Human resources (HR) departments are playing an increasingly significant role in this regard, especially when it comes to insider threats. Their experience in personnel management, organisational behaviour, and corporate culture can prove crucial in strengthening cybersecurity teams and setting up insider threat programmes. This post will spotlight the essential role of HR departments in cybersecurity teams and insider threat programmes.

The cyber threat landscape has grown more complex and dangerous. Cybercriminals, State-sponsored hackers, and even disgruntled employees use increasingly sophisticated methods to infiltrate systems and extract valuable data, and that is before counting the non-malicious or accidental incidents that also occur. Insider threats, in particular, are a growing concern because they come from individuals with legitimate access to systems, data, and premises, which makes them hard to detect. Technical solutions like user and entity behaviour analytics can be pivotal to mitigating these threats, but they should be complemented by support from other departments like HR. HR’s expertise in people management and organisational behaviour can help organisations safeguard their assets and contribute to cybersecurity resiliency. Observing and understanding people's behaviour can yield actionable intelligence for anticipating, identifying, and mitigating potential human-related cybersecurity risks.
One of the most visible ways HR contributes to organisational cybersecurity efforts is through talent acquisition and development strategies. HR teams' primary tasks are recruiting and retaining suitable candidates, with additional targets like diversity. But a deeper, more fundamental way of thinking about this is that HR teams encourage and stimulate an environment of creativity and innovation, which can help combat these evolving threats. Furthermore, HR also has a critical role in creating a positive security culture throughout the organisation, even after the appointment of candidates. This includes training and awareness programmes to ensure employees understand their responsibilities in protecting the organisation, staff, customers, and stakeholders. Creating these foundations through effective communication can help create a proactive, positive, sustainable security-focused strategy and mindset among employees, which is invaluable in enhancing collaborative organisational cybersecurity defence strategies.
The backbone of HR from an employment law perspective involves ensuring compliance with applicable laws and regulations. These govern employment relationships to foster a fair, legally compliant working environment that protects employee and organisational interests, and they cover areas such as recruitment, codes of conduct, ethical standards and remote work/flexible work arrangements. This non-exhaustive list shows how many far-reaching and diverse points of contact HR has with organisational and security policy. HR involvement in collaborating on, developing, and enforcing robust security policies and procedures is essential to any security strategy.
HR acts as a bridge between any affected employees, the organisation, and various departments to address incidents appropriately and take steps to mitigate future risks. In addition, HR departments often contribute by supporting the development and activation of security incident response plans, supporting communication during security incidents, and looking after the health and well-being of incident responders, since many incidents run well beyond normal business hours. Unsurprisingly, HR input is also needed to support investigations where a breach or incident has a human element that needs to be considered.
One of the most critical contributions of HR is in the development and management of organisational insider threat programmes. HR teams are typically the first point of contact when hiring and own any re-vetting, fitness, and propriety attestations that help organisations make informed recruitment decisions, protect organisational security, comply with regulations and maintain a safe and trustworthy working environment. HR teams also actively manage employee databases and coordinate the organisational joiner, mover, and leaver (JML) processes with business units and IT teams: adjusting and reviewing the necessary contractual changes, internal system updates (for example, updating leaver dates or transferring department codes) and access controls, to minimise the risk of unauthorised access.
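As an added illustration (not from the article), here is a small reconciliation, in Python, of constructed HR JML records against a constructed identity-system export. It flags leavers whose accounts are still enabled, movers whose department code was never updated, and accounts with no HR record at all; all names, ids and dates are made up for the example.

```python
# Added example: reconciling HR joiner/mover/leaver (JML) records against an
# identity-system (IAM) account export. All data below is constructed.
from datetime import date

# Constructed HR roster: employee id -> department code and leaver date (None = current staff)
HR_ROSTER = {
    "E100": {"dept": "FIN", "leaver_date": None},
    "E101": {"dept": "ENG", "leaver_date": date(2024, 3, 31)},   # left last quarter
    "E102": {"dept": "OPS", "leaver_date": None},                 # moved from FIN to OPS
    "E103": {"dept": "HR",  "leaver_date": date(2024, 6, 30)},    # leaves at month end
}

# Constructed IAM export: one row per account
IAM_ACCOUNTS = [
    {"user": "alice", "emp_id": "E100", "dept": "FIN", "enabled": True},
    {"user": "bob",   "emp_id": "E101", "dept": "ENG", "enabled": True},   # leaver, still enabled
    {"user": "carol", "emp_id": "E102", "dept": "FIN", "enabled": True},   # mover, stale dept code
    {"user": "dave",  "emp_id": "E103", "dept": "HR",  "enabled": True},   # leaves later, fine today
    {"user": "svc01", "emp_id": "E999", "dept": "ENG", "enabled": True},   # no HR record at all
]

AS_OF = date(2024, 6, 15)  # constructed reconciliation date

def reconcile_jml(hr_roster, iam_accounts, today):
    """Return (user, finding) pairs for accounts whose IAM state disagrees
    with the HR record as of `today`."""
    findings = []
    for acct in iam_accounts:
        rec = hr_roster.get(acct["emp_id"])
        if rec is None:
            # An account with no owner in HR cannot be re-vetted or offboarded
            findings.append((acct["user"], "no matching HR record"))
            continue
        if not acct["enabled"]:
            continue  # already disabled; nothing to revoke
        leaver = rec["leaver_date"]
        if leaver is not None and leaver < today:
            findings.append((acct["user"], "leaver with enabled account"))
        elif rec["dept"] != acct["dept"]:
            findings.append((acct["user"], "department mismatch (mover not updated)"))
    return findings

if __name__ == "__main__":
    for user, finding in reconcile_jml(HR_ROSTER, IAM_ACCOUNTS, AS_OF):
        print(f"{user}: {finding}")
```

In practice the two inputs would be the HR system's export and the identity provider's account list, and each finding would feed an access-review ticket rather than a print statement.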
In how colleagues are treated after an incident, HR departments can draw on their knowledge and experience of incident response activity, investigations, and corrective strategies. They can support security efforts by providing people-centred remediation plans: for example, strengthening security policies, communicating them better or making them more accessible and transparent, and developing further training, awareness, or security measures focused on areas such as data security and privacy.
Given the level of involvement and insights gained from incident response and investigatory outcomes, HR can contribute to defining behavioural indicators and help build threat profiles by leveraging their understanding of employee behaviour, patterns, interactions, and other risk factors. These profiles can help identify and prioritise potential insider threats based on the severity of behavioural indicators, access levels, job roles, and the extent to which employees can cause harm.
The cybersecurity threat landscape is constantly evolving, and the importance of HR in an organisation's overall defence strategy cannot be overstated. HR’s role in cybersecurity is no longer only supportive; HR is critical in developing a comprehensive approach to broader cybersecurity and insider threat strategies. Vital tools like security information and event management (SIEM) and user and entity behaviour analytics (UEBA) significantly enhance organisational security practices by collecting and aggregating security logs in real time, with advanced analytics identifying abnormal or risky behaviour. This is the ideal platform on which to leverage the unique job roles, skills and insights of HR professionals. This holistic approach can significantly contribute to an organisation’s cybersecurity resilience and is the future of cybersecurity.