What's Happening?
Human resources leaders are increasingly involved in cybersecurity as identity-based attacks rise. In the first half of 2025, these attacks increased by 32%, with most targeting passwords. Cybercriminals are using AI to enhance phishing and social engineering
tactics, making HR's role in security more crucial. Forrester research predicts that by 2026, over 60% of security leaders will formally include workforce risk reduction in their strategies. HR is now seen as a strategic partner in security, focusing on building relationships across the organization and developing comprehensive training programs.
Why It's Important?
The involvement of HR in cybersecurity is vital as employees are the primary defense against identity attacks. With AI-driven threats becoming more sophisticated, HR's role in training and policy communication is crucial for protecting organizational and personal data. This shift elevates HR's strategic importance, allowing it to contribute to broader organizational goals like growth, revenue, and security. As security skills shortages persist, HR's involvement in workforce development and cross-functional training becomes essential for maintaining a secure and resilient organization.
What's Next?
HR leaders are encouraged to engage with industry peers and groups to share best practices and develop standards. As AI governance frameworks emerge, HR's role in cybersecurity will continue to grow, positioning organizations for success. Transparency and trust are key as new security measures are implemented, ensuring employee morale and engagement are maintained. HR's expanded role in cybersecurity offers opportunities to demonstrate strategic value and contribute to organizational resilience.
