Chapter 5 - The Role of HR Functions in Scaling Cybersecurity and Building Trust


Cybersecurity today has left the tech silo and is moving into the business front lines, where HR must play a key role in the people side of implementation. A policy is a guide for individual behaviors, and HR must be an active participant in any policy change. It is important that the top management—or above—demonstrate and regularly communicate the importance of security to all the employees. As indicated in Chapter 4, cyber risk as a whole is a business quantity that represents the potential of financial loss, disruption, or damage to the reputation of an organization as a result of its use of information technology. It is clear that each department has a role in mitigating risk to overall minimize the losses of a business quantity. After all, cybersecurity is everyone’s business.

Key Ideas
  • The cyber threat is a complex issue affecting all enterprises. It needs a cross-functional collaboration between security teams and other key functions, including HR.

  • Comprehensive understanding and visibility into employees’ access points lays the foundation for stronger resilience.

  • In the fast-changing work environment HR functions play a crucial role to ensure that employees are educated and are able to comply with complex standards and regulations.

  • HR and CHROs are important partners in leadership decisions, as well as in driving the culture, building and retaining diverse teams, and throughout the employee lifecycle.

  • Ensuring sustainability, continuous testing and improvement of partnerships and processes provides a basis for long-term success.

Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity


| 703-907-7090


| 2500 Wilson Blvd, #245
Arlington, Virginia 22201


ISA provides cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press.


Tim McKnight, Chief Security Officer, SAP

Tim McKnight is Head, Global Security Unit in the Global Finance & Administration at SAP SE. Prior to SAP, he was Chief Information Security Officer for Thomson Reuters and GE. He has served in various IT Security leadership roles at Northrop Grumman, BAE Systems and Cisco Systems. Tim began his career at the Federal Bureau of Investigation as lead investigator of all National Infrastructure Protection Center matters, including high-tech crimes, corporate espionage, foreign counterintelligence and telecommunications fraud. In addition to his membership on the ISA Board, he is also a member of the Board of Advisors for Amazon Web Services (AWS), ClearSky Security and Tenable.

Niall Brennan, Vice President and Global Head of Strategic Security Partnerships and Engagement, SAP

Niall P. Brennan is the Global Security Liaison Officer at SAP. In this capacity, he leads relationships with government security services, legislative and regulatory bodies, public-private partnerships, non-governmental organizations, and industry trade councils to address issues related to industry security and resilience, threat mitigation, reputation management, regulatory compliance, and legislative advocacy. He has over 30 years of experience in a variety of legal, advisory, security, and investigative roles in both the public and private sectors.

An attorney by education and training, Niall began his professional life as a commercial litigator in private practice. In 1996, he joined the FBI, where he spent 22-years in multiple operational and managerial capacities across all investigative and investigative support programs, including transnational organized crime, counterterrorism, counterintelligence, cyber and intelligence. In his last position with the FBI, Niall led the office in the U.S. Embassy in Paris, France for over 5 years. He retired from the FBI in 2018 and joined PwC as a Director in the Cybersecurity & Privacy practice where he led client engagements focused on cyber incident response and mitigation, resiliency-building and organizational transformation.

Elena Kvochko, Chief Trust Officer, SAP

Elena Kvochko, Chief Trust Officer, SAP

Elena currently serves as Chief Trust Officer at SAP. Her team spans four continents, 30+ countries and supports 450.000 SAP customers on matters regarding privacy and security of SAP applications and platforms.

Prior to this position, she served as Senior Vice-President and Technology Executive focusing on global security at Bank of America. Previously, she worked as a divisional Chief Information Officer at Barclays Bank in New York. Her focus was on delivering the highest degree of privacy and security of all customers and employees globally.

She served as an affiliate fellow at Harvard Law School. She was part of the G7 Women in Business. Her published work appeared in Forbes, Harvard Business Review, featured in the Wall Street Journal, the White House cybersecurity report, The New York Times, and multiple industry media.

She has invented patent-pending technologies in cybersecurity, privacy, and secure financial technologies (with 30+ pending patents named a top inventor at Bank of America). Elena serves as Adjunct Professor at Cornell University.