Cybersecurity & Singapore – The role Of HR As gatekeeper.

Onboarding

 

How often, and how well do employees know the Company's IT policies?

 

In many cases – not enough!

 

Data breaches occur either due to deliberate leaks or inadvertence; while IT systems are capable of detecting data breaches in both cases through monitoring, making sure that employees understand and apply IT policies adds another layer of protection.

 

IT policies should not be Company intranet literature; the onboarding process should involve a combination of training and familiarisation with IT policies.

 

Regular Training

 

Maintaining cybersecurity is a daily and ongoing process.

 

It is therefore not enough for companies to stop at disseminating guidelines and instructions to staff at the onboarding stage.

 

HR may adopt an active strategy e.g. regular maintenance and updating of policies and procedures to take into account changing circumstances, conduct regular training sessions and staff exercises, with the objective of instilling in employees an understanding of the importance and requirements of their compliance with such policies and procedures.

 

Resource Management

 

HR is in the best position to determine and allocate resources towards cybersecurity issues. This ranges from provision of equipment to managing support coverage while an employee is away from work. HR's role in resource management is important because employers can be held liable for cybersecurity incidents that occur as a result of employees not being properly equipped or supported to handle their duties and responsibilities.

 

The effects of data breaches may be worse in certain working cultures. In a less open office culture, whistleblowing in relation to breaches may not be an attractive option. Data breaches in a workplace where deference to managers practised may not be easily detected. HR can help build a culture of openness and transparency which goes a long way in maintaining cybersceurity.

 

Crisis Management