Security Series 2 – Introduction

On January 29, 2019, in HRExaminer, John Sumser, by John Sumser

2019-01-28-hrexaminer-photo-img-security-series-8-part-john-sumser-cc0-via-pexels-by-pixabay-cyber-security-cybersecurity-device-60504-edit-544x300px.jpg

“Almost all security problems, intentional or otherwise, come from people. While it seems logical to conclude that security issues are an overall reflection of corporate culture, there is little research correlating security problems with measures like engagement scores. ” – John Sumser

Security Series 2 – Introduction

 
Security is, fundamentally, a people problem. One can get all of the technology in place and working properly then still encounter massive human security failure. A single missed tech upgrade can result in sustained brand damage and significant economic fallout (as it did at Equifax).

It is also useful to carefully examine the idea that security problems are indicators of culture failings.

Today, there is not much useful content on the relationship between HR and security. While it seems logical to conclude that security issues are an overall reflection of corporate culture, there is little research correlating security problems with measures like engagement scores. And yet, almost all security problems, intentional or otherwise, come from people.

Great security requires vigilant attention to bothersome details. It works best when employees feel driven to preserve and protect their organization. This kind of loyalty has had a hard-go of it in recent years.

As the social contract changed, standard measures like lifetime employment and expansive benefits packages gave way to a more transactional relationship between the employer and the employee. Today, we are still hunting for a workable formula that recognizes the pace of economic and social change while increasing the quality of the employee’s attachment to the organization. Our collective fascination with engagement scores reflects this reality.

The HR Department has a very meaningful role to play. Increased emphasis on privacy (such as with GDPR and California’s new Privacy Laws) will accelerate the expansion of HR’s role. As the consequences of security problems are increasing, individual employees have increased responsibility for data security and have the power to disrupt the operation. Culture matters at the intersection of security consequence and increased employee capacity

==========

The Security Series: HR as Security Leader

1: Overview – Why Focus Your HR Department on Security? Link »
2: Introduction Link »
3: Context – Shifting Technology Link »
4: Context – Increasing Employee Power Link »
5: The Ecosystem of Security Issues Link »
6: The Future of Security Issues Link »
7: The HR Security Center of Excellence Link »
8: Getting Started Link »
 



 
Read previous post:
Security Series 1 – Overview: Why Focus Your HR Department on Security

"This is the first in a long series of articles about making Security a part of the HR agenda. The...

Close