According to the Identity Theft Resource Center, the number of reported U.S. data breaches rose 68% between 2020 and 2021. Of the record-setting 1,862 incidents, 83% involved sensitive information (e.g., Social Security numbers). Personally identifiable information (PII) is highly sought after by cybercriminals to either sell or use to gain access into other systems.
As the White House continues to encourage organizations to bolster resilience, cyberattack prevention should be a companywide initiative. Since HR teams are your company’s primary employee communication source, they’re best suited to provide basic cyber policy updates, workplace expectations and educational resources.
Cyber Training & Contingency Plans
Preparation is key to protect your organization from a cyberattack. While your IT department will lay the groundwork, HR teams can help develop and distribute cybersecurity employee training and contingency plans. Every employee should be trained on proper cybersecurity protocols and best practices, including:
- How to spot a phishing scam
- Techniques to maintain strong passwords
- Utilization of unique passwords
- Tips to report suspicious database activity
Your HR team can help disseminate to employees these and other cybersecurity best practices. Even basic precautions can make an enormous difference to protect against data breaches.
Unfortunately, not every breach is preventable and your business’ data can be compromised even if you take all the right steps. Your HR team will be vital to help strategize cyberattack contingency plans, such as:
- How to determine impacted data
- Evaluation criteria of data sensitivity (e.g., addresses, Social Security numbers, banking information)
- Assessment of data breach’s communication contacts (e.g., customers, employees, the government)
- Consideration of the incident’s quickness to be reported
Employee Communications Amid a Data Breach
If a data breach should occur, employees will look to your leadership for direction. The HR team can provide the organization’s messaging and next steps. You should also employ them to respond to employee concerns.
A data breach could affect employees, even if the compromised data seems unrelated. Often, staff credentials and other personal data are compromised to access larger databases and get swept up during the cyberattack. Your HR team will be instrumental to reassure employee concerns. Make sure your HR team is equipped and prepared to field employee questions and potentially provide complementary identity theft protection or credit monitoring services.
We’re Here to Help with Cyber Risk
Cyberattacks cannot be ignored. Business leaders should employ their HR team as a partner to prepare for and respond to a cyberattack. As an instrumental part of a cyberattack response team, HR leaders can train employees and be part of contingency plans. If you have questions about cyberattack risks or your cyber liability insurance, connect with a member of our team.