Around the world, cybersecurity and data privacy remain the single greatest risk to individuals. This risk is considered the most likely to occur and the one with the most serious consequences. Therefore, spreading a corporate culture toward cybersecurity is a top HR priority right now.
Mercer Marsh consultancy surveyed 2,594 organizations, including 1,280 risk managers and 1,314 HR professionals in 25 countries in Latin America, Asia, Europe, the Middle East and Africa, and North America and the Pacific region during the first half of 2022. The result: while 76% of those surveyed feel their organization is addressing cybersecurity risk, only 44% report having effective policies, controls and support systems in place, and more than a third (35%) feel they lack the specialized resources to understand and address exposure.
One of the highlights of the survey is related to risk awareness among different stakeholders. Around 70% consider it very important to manage accelerated digitization. However, customers and employees rank it higher, while only 58% of regulators consider it very important.
According to the report, there is still a need for HR and risk professionals to have proactive conversations to identify where vulnerabilities exist during employees’ day-to-day activities and to create a culture of cybersecurity risk management.
Where to start?
Experts suggest the following key controls to strengthen security:
- Increase cybersecurity awareness at the board, executive suite and employee levels.
- Integrate the activity of HR, risk, and cybersecurity teams to ensure alignment across key functions.
- Adopt a digital-first employee experience and a simple digital ecosystem for employee benefits and other common HR transactions, delivered through best-in-class solutions across the enterprise for strategic areas like benefits.
- Allow employees to develop skills, make that development a job expectation and formalize time for learning, and address obstacles to mid-career changes.
- Move from quantitative workforce planning to a skills-based model that lays the foundation for skill acquisition to create positions that don’t yet exist.
- Investigate how digital health is used to improve access to health care.
Source: Risco de Pessoas 2022 | Marsh | Cyber resilience