Cyber security – How HR can help

The majority of cyber security incidents have been proven to be the result of human behaviour. One of HR’s roles is to educate and monitor employees throughout their employment life cycle, thereby reducing the possibility of a cyber attack.

Cyber attacks can affect employees’ well-being, causing stress, anxiety, upset and embarrassment, and HR is well equipped to minimise such situations so that business returns to normal with minimal disruption.

In addition, HR will take responsibility for the following:

Recruitment and selection

  • Ensure the appointment of employees with cyber security awareness.
  • In case of sensitive roles, additional security such as background checks should be considered.
  • Sensitive data should only be available to the individuals directly involved.
  • Ensure best practice is demonstrated throughout.


  • Set the cyber security process from the outset.
  • Communicate the policies and procedures surrounding cyber security and risk awareness.
  • Set a culture where the employee appreciates the importance of cyber security.
  • Outline the consequences of cyber attacks and how seriously the company takes cyber security.
  • Make sure the employee has not brought confidential information with them from a previous employer.

Performance reviews

  • Include discussions on cyber security – are passwords changed regularly? Does the employee understand the importance?
  • Performance objectives should be written to include a reference to compliance.
  • Ensure there is an ongoing awareness and education programme to maintain good practice.
  • Ensure employees receive refreshers and up to date training on cyber security on an annual basis.

How to identify and manage disgruntled employees

  • Provide anonymous reporting outlets.
  • Have IT configure cyber security tools on all software.
  • Train managers to see the signs.
  • Send out frequent campaigns to create awareness of the risks, good and bad practice and the message to remain vigilant at all times.

Regulatory compliance

  • Review the practices you use when gathering personal data at the recruiting stage.
  • Ensure employees are aware of the privacy controls that need to be set on their equipment.
  • Work with IT to ensure the monitoring process complies with legal requirements.

HR Revolution can help in all aspects of the employee lifecycle, including all the points mentioned above, so whether you need advice with any part of the process or perhaps looking to outsource your HR needs, get in touch on: +44 203 538 5311, email: or visit  where our expert CIPD HR professionals are waiting to help you with any questions you may have.

We hope you found the information on GDPR and cyber security interesting and informative and you can download the full presentation here.

If you have any comments we’d love to hear them, comment below or get in touch at

Remember, if you don’t have your GDPR in place, there is a lot at stake. Get in touch and let HR Revolution run through a GDPR audit to see where and how quickly changes can be implemented.

HR Revolution; supporting you, your employees AND your business.
