Is your HR team a threat to IT security?

One study claims that HR professionals are a threat to their own companies due to a ‘latency for mistakes’

Is your HR team a threat to IT security?
HR departments – and the people inside them – have come second only to finance in a list of departments posing the biggest IT security threats.
 
Research released by UK-based tech firm Clearswift shows 42% of global security professionals name HR as the biggest IT security threat to business.
 
This reputation for risk was trumped only by finance, which 48% of the 500 security professionals surveyed thought was the biggest risk.
 
For UK respondents, the HR team actually represented the biggest risk for 48% of professionals surveyed, with finance only considered more risky by 42%.
 
The research said HR’s bad name stemmed from the ‘latency for mistakes’ by employees within the department, such as sending confidential details to the wrong people, inadvertently installing malware on computers, or of employees and contractors within deliberately stealing valuable data.
 
HR was also higher on the list due to ‘cultural factors’, Clearswift claims. For example, legal and compliance were considered much lower risk.
 
The biggest potential enemies within were middle managers, who were rated by 37% of security professionals as the higher risk for IT security.
 
“Middle aged, middle managers are ‘in between’ – having access to the data, but no obvious stake in the consequences of losing it,” the report stated.
 
“They are also more likely to be under time and financial pressure, and so may be more inclined to take risks. This puts them in a position, liable to make mistakes or even succumb to foul play,” it said.
 
Senior managers in contrast were rated as highest risk by only 19% of respondents, with executives and admin coming in even lower at 12%.
 
An overwhelming 79% said men were more of a worry than women, with researchers suggesting this was due to women’s more ‘cautious’ nature.
 
Also, remote workers were much less of a risk than those working inside the office, with 67% naming office workers as the highest IT security risk.
 
“Despite the perceived security worries about people working out of the office on whatever devices they want, those in the office actually have easier access to sensitive data, so are more likely to lose it,” the report states.
 
Related stories:
 
Poor HR policies encouraging major security risks
 
What exactly is causing the data breaches at your company?
 
Cyber-crime: what you need to know

Free newsletter

Our daily newsletter is FREE and keeps you up-to-date with the world of HR. Please complete the form below and click on subscribe for daily newsletters from HRD Asia.

Recent articles & video

What do millennials and Gen Zs desire from employers?

5 gender myths killing your D&I agenda

Why HR transformation fails to be a ‘genuine success’

Diageo rolls out ambitious family leave policy

Most Read Articles

Is HR doing enough for LGBT employees?

What's the key to achieving workplace happiness?

How to ensure a successful transformation