In the cybersecurity world, there is a saying that keeps all awake at night, "Where bits and bytes met blood and bone". This means no matter how well the hardware and software are put together to create a system that keeps criminals at bay, it's your employees who are the final line of defense. And people, being people, can and do make mistakes. Think of the recent 'Wanna Cry' issues where entire hospitals and related services where shut down for hours and in some cases days. That was a simple human response to a malicious cyberattack.
Last week, Modern Healthcare published an article concerning how frequent employee training can help to stave off ransomware. After reading the article, I had two thoughts: 1.) In that cyber security training is one of the many HR consulting offerings we provide, I was thinking of how those being interviewed where describing our F.I.R.M. model of adult learning. 2.) As one who personally has medical data in "the system", knowing that healthcare organizations are spending less than 4% of their information security budget on cybersecurity is
very concerning. You can read more about Children's Health and other organizations
here.
Human Resource professionals should lead the charge in the effort of training employees. IT is well versed with bits and bytes, but it's HR that transforms blood and bone.