Where do HR and other non-security/IT departments fit into your insider risk management strategy/program? What role do they currently play?
Sort By:
Oldest
CISO in Softwarea year ago
It is challenging, but sometimes very important for HR to work with IT and Security for scenarios where employees will be laid off, etc. as those people are often higher risk for performing unauthorized or malicious activities. Deputy CISOa year ago
Insider threat originates from People, I see a large role from HR specifically, like they would for any misconduct/investigation/incident, and an unbiased humane view. Generally learning and development and process like background check are handled by them. Those would be imp too. Other non-IT functions like physical security, Legal , business leaders have a role as their shadow and awareness of consequences shall drive the culture. Chief Information Security Officer in Healthcare and Biotecha year ago
HR is very risky domainDirector of Network Transformationa year ago
Employee exits.. If you are not aligned with HR, you will get burned.. And don't forget those shadow IT apps. Director of IT in Educationa year ago
CASB Tools are excellent to find shadow IT apps.
Head of Information Security in Services (non-Government)a year ago
Info Sec partners with HR, and business unit leaders as needed, to review potential red flags for leavers (sending docs to personal email, USB, etc.).