What's Happening?
Human resources (HR) leaders are increasingly involved in cybersecurity as identity-based attacks rise. In the first half of 2025, these attacks increased by 32%, with over 97% targeting passwords, according
to Microsoft data. Cybercriminals are leveraging artificial intelligence to enhance phishing and social engineering tactics, making HR's role in organizational security more crucial. Forrester research predicts that by 2026, over 60% of security leaders will incorporate workforce risk reduction into their strategies. This shift emphasizes the importance of HR in security, moving beyond technology to include the people using it. Agi Garaba, Chief People Officer at UiPath, highlights the need for HR to collaborate with risk, operations, security, and IT departments. The Forrester report also suggests that 40% of security organizations will create a dedicated workforce risk role, offering HR professionals new opportunities to add strategic value.
Why It's Important?
The integration of HR into cybersecurity efforts is significant as it addresses the growing threat of identity attacks, which can have severe implications for businesses. By involving HR, organizations can better manage workforce-related risks and enhance their overall security posture. This approach not only protects company assets but also safeguards employee data, fostering a culture of trust and transparency. As organizations adopt zero-trust security models, HR's role in training and policy communication becomes vital. This shift also highlights the need for cross-functional training programs, placing HR at the center of workforce development. The collaboration between HR and other departments ensures a comprehensive approach to security, aligning with broader organizational goals.
What's Next?
As identity attacks continue to rise, HR leaders are expected to play a more prominent role in cybersecurity strategies. Organizations will likely invest in workforce development and cross-functional training to address security skills shortages. HR will need to develop comprehensive training programs to help employees understand security protocols and their importance. Additionally, HR leaders are encouraged to engage with industry peers and associations to share best practices and develop standards. This collaborative approach aims to address cybersecurity challenges through coordinated societal action, positioning organizations for success in an increasingly digital world.
Beyond the Headlines
The expansion of HR's role in cybersecurity raises questions about employee privacy and trust. As organizations implement new security measures, transparency becomes essential to maintain employee morale and engagement. HR leaders must balance cybersecurity requirements with the need to foster a positive work environment. By promoting a culture of accountability and collaboration, HR can help build trust and credibility with stakeholders. This expanded role also elevates HR's strategic importance, positioning it as a key player in organizational success.
