Human Resources as a Stakeholder in Cyber Risk Management

Abstract

The regulatory and cyber risk landscapes are reshaping the role of human resources. As a result, information security/information technology (InfoSec/IT) professionals are increasingly being asked to assist organisations in determining and enforcing employee data permissions, training employees on cybersecurity policies, and assisting with employee-related cyber incidents in order to be prepared for any kind of cyber attack. This chapter delves into the role of HR in managing cyber risk and provides recommendations on how organisations can manage cyber risk effectively to support their HR departments.