Briefing paper says human resources teams can help to develop the right culture to defend against cyber threats
IT teams should be joining forces with those in HR to protect public authorities from cyber attack, according to a new briefing paper from public sector IT association Socitm.
This reflects six steps aimed at developing a cyber security culture throughout the organisation, outlined in Why people are your most effective defence.
The document, prepared with Protocol Policy Systems, highlights the need to make everybody inside an organisation aware of cyber threats and highlights the human factors that often create weaknesses. It says there should be a continuous campaign of education, communication, assessment and evaluation to overcome these.
An HR team can make an important contribution to the effort, reinforcing the need for everybody to play their part and helping to develop a strong cyber security culture in the organisation.
Martin Ferguson, director of policy and research at Socitm, said that staff at all levels should be engaged and contribute to protecting their organisation from attack.
“Achieving this requires specialist skills and insight into the human factors side of the equation,” he said. “That is why it is vital to engage the HR team in helping to develop a strong cyber security culture and reinforcing that everyone in an organisation has a role to play.”
The paper outlines six steps for organisations to protect themselves:
- Involve all parts of the organisation.
- Involve employees.
- Change the organisation’s mindset.
- Implement cyber security policies and procedures.
- Look beyond what the organisation itself does, taking all aspects of its supply chain into account.
- Communicate with employees, being sure to check their understanding and ready to discuss threats and options to minimise them.
Image from iStock