Cyberincidents responsibility: The poll

Should employees’ cybersecurity awareness be tested by HR?

There is a group called Information Security Community on LinkedIn, and a topic regarding phishing attacks surfaced there as a comment thread to the article “Phishing Attacks: What Can Be Done To Stop Staff from Causing a Data Breach“. The responses were quite agitated, which shows that incidents with phishing and data breaches is rather common.

What really stood out was a suggestion from one of the commenters that employees’ cybersecurity awareness should be tested by HR along with their primary skills – in order to prevent cyber-illiterate people from joining the company. Another commenter added that such people can cost their company more than they add, so testing is a way to go.

Draconic as it may seem, this looks like it has some merit. After all, every office employee today has to use a PC, so the lack of basic cybersecurity skills is like the inability to read. The problem is, that it’s not just rank-and-file employees who become the targets of phishing or other attacks.

Here we are offering a few relatable polls regarding cyber-incidents and staff responsibility: