What Does Cyber Risk Mean For HR?
A cyber attack on your business could be more than just costly, it could put you out of business. Many businesses assume they will not be a target, until of course sadly they are. Most successful cyber attacks generally involve two elements:
• vulnerable infrastructure and
• human error.
A commonly used cyber attack is “Spear phishing” whereby an email unwittingly opened by an employee contains an attachment or a link that downloads malicious software. Increasingly, companies are also subject to mandate fraud, when an employee is tricked into sending money by a fraudster, under the pretext of a seemingly legitimate email request from a familiar supplier.
Monitoring the vulnerability of your IT systems is obviously a fundamental step. There are free risk assessment tools available and the Government is supporting a scheme called “Cyber Essentials” which offers cost effective cyber health checks for SMEs. For details of Cyber Essentials scheme go to Essentials.
Businesses can also address the human element of risk in cyber crimes by giving simple advice and guidance to their workforce – this costs very little and could prove invaluable. Some examples of practical steps:
• Sign up to alerts from Action Fraud, the UK’s national fraud and internet crime reporting centre so you know what to be on the look out for;
• Worcestershire Business Central offers “Growing Cyber” a support service to Worcestershire based businesses to help them become cyber savvy – click here
• Raise awareness with your workforce on the latest scams so they know to be vigilant;
• Consider how your staff use your IT. Does it add risk, for example, do they bring USB sticks in from home to use at work? Review and update your relevant policies and procedures accordingly, such as Bring Your Own Device to work Policies;
• Consider Data Protection breach issues, associated with any cyber attack. Ensure your staff understand data protection principles and treat personal data with due care.
For further advice and guidance on this or any HR/employee issues and training, contact Employment Director, Michelle Chamberlain on 01905 677041