The critical importance of HR in cyber-security

The critical importance of HR in cyber-security
TEISS – Steve Bradford
In the contemporary business landscape, organizations are comprised of diverse identities, including non-employee identities such as contractors and freelancers, constituting nearly half of modern enterprises.
While contributing substantial benefits in terms of skill access and labor flexibility, the increased reliance on third-party labor introduces new security challenges and risks.
Despite the pivotal role of HR in overseeing these identities, there remains a significant lack of integration between HR and identity security strategies, with substantial potential for closer collaboration between HR and IT for robust security measures.
HR holds a crucial role in overseeing the identity landscape, particularly in onboarding and managing employee information, but integrating non-employee identities into HR systems poses complex challenges, often resulting in over-provisioning and inadequately managed access permissions.
Rushed integration of third-party identities can lead to severe security issues, such as loss of control of resources and data breaches.
Inappropriate access sharing with non-employees has been prevalent, resulting in significant security implications.
To mitigate these complexities, a closer collaboration between HR and IT is essential.
By sharing details of non-employee identities, IT can implement more stringent access controls, limiting access to essential applications and data, and ensuring that access permissions are granted judiciously.
Both departments should maintain automated processes for auditing and review of access privileges, alongside thorough due diligence practices to assess the cybersecurity of contract workers and service providers.
In managing the escalating growth of identities, organizations should embrace AI and machine learning (ML) solutions to automate and intelligently manage identities, enabling advanced threat detection, improved access permission governance, and prompt removal of access privileges when necessary.
This technology empowers swift and effective response to emerging risks, aiding in preventing security incidents and data breaches.
As the workforce continues to evolve, HR’s integral role on the security front line, working in close collaboration with IT, will be vital.
AI-enabled identity security will facilitate improved cross-team collaboration and equip businesses to effectively address the evolving security threats in the year ahead and beyond.
Link: https://www.teiss.co.uk/hybrid-working/the-critical-importance-of-hr-in-cyber-security?utm_source=newsletter&utm_medium=email&utm_campaign=Weekly%20Newsletter


Tags: