HR industry body CIPD has launched a new online learning course designed to improve the cybersecurity skills of human resources professionals.
The new e-learning modules, “Cyber Security for HR professionals” were unveiled last night by culture minister Ed Vaizey as part of the government’s growing roster of free online cybersecurity training resources.
There are five modules in total, covering topics including what cybersecurity is and why HR professionals should care; how attacks happen; the impact of attacks; and what steps can be taken to mitigate such attacks, a CIPD spokeswoman told Infosecurity.
Each module introduces various themes like DoS or phishing and then asks a number of scenario-based questions to test and refine the users understanding of those threats, she explained.
“HR professionals handle sensitive personal data so it's crucial they are able to protect this properly. They are also responsible for recruiting, managing and developing the workforce in most organizations, so are in the perfect position to help colleagues understand cybersecurity,” said Vaizey in a statement.
“The new e-learning module we're launching with the CIPD will help the HR profession tackle cyber-threats and help keep our citizens and businesses safe in cyber-space."
According to CIPD’s latest HR Outlook report, over a third (38%) of HR leaders rate cybersecurity risks as one of their top three technology-related issues.
In fact, HR professionals pose an active risk to the organization, according to research from DLP firm Clearswift issued last year.
Nearly half (42%) of the 500 data security specialists polled globally by the firm claimed HR poses the biggest threat to their organization due to the risk of staff members accidentally sending customer details or salaries to the wrong people, or accidentally allowing malware to be installed on machines.
The security vendor also polled 4000 employees around the world and found that three-quarters want HR to take a bigger lead on information security-related issues – through disciplining staff and improved vetting of applicants.
Jacqui Summons, group HR director at Clearswift, welcomed the new e-learning modules as recognition of the critical role employees play in protecting business infrastructure.
“There is no silver bullet, but training is critical and this tool will go a long way in tackling the problem of a lack of clarity on best practice,” she told Infosecurity. “Cybersecurity cannot be swept under the carpet, it’s not just an issue that affects the IT department, but every area of a business. Training in prevention is key to keeping data safe.”