Cybersecurity today has left the tech silo and is moving into the business front lines, where HR must play a key role in the people side of implementation. A policy is a guide for individual behaviors, and HR must be an active participant in any policy change. It is important that the top management—or above—demonstrate and regularly communicate the importance of security to all the employees. As indicated in Chapter 4, cyber risk as a whole is a business quantity that represents the potential of financial loss, disruption, or damage to the reputation of an organization as a result of its use of information technology. It is clear that each department has a role in mitigating risk to overall minimize the losses of a business quantity. After all, cybersecurity is everyone’s business.
Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity