Chapter 5 - The Role of HR Functions in Scaling Cybersecurity and Building Trust


Cybersecurity today has left the tech silo and is moving into the business front lines, where HR must play a key role in the people side of implementation. A policy is a guide for individual behaviors, and HR must be an active participant in any policy change. It is important that the top management—or above—demonstrate and regularly communicate the importance of security to all the employees. As indicated in Chapter 4, cyber risk as a whole is a business quantity that represents the potential of financial loss, disruption, or damage to the reputation of an organization as a result of its use of information technology. It is clear that each department has a role in mitigating risk to overall minimize the losses of a business quantity. After all, cybersecurity is everyone’s business.

Key Ideas
  • The cyber threat is a complex issue affecting all enterprises. It needs a cross-functional collaboration between security teams and other key functions, including HR.

  • Comprehensive understanding and visibility into employees’ access points lays the foundation for stronger resilience.

  • In the fast-changing work environment HR functions play a crucial role to ensure that employees are educated and are able to comply with complex standards and regulations.

  • HR and CHROs are important partners in leadership decisions, as well as in driving the culture, building and retaining diverse teams, and throughout the employee lifecycle.

  • Ensuring sustainability, continuous testing and improvement of partnerships and processes provides a basis for long-term success.

Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity


| 703-907-7090


| 2500 Wilson Blvd, #245
Arlington, Virginia 22201


ISA provides cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press.