April is Stress Awareness Month. Let SHRM make your work life easier: Join Now
Shawn Premer shows how doing the right thing for employees leads to positive business results.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Build competencies, establish credibility and advance your career—while earning PDCs—at SHRM Seminars in 12 cities across the U.S. this spring.
#SHRM18 will expand your perspective – on your organization, on your career, and on the way you approach HR. Join us in Chicago June 17-20, 2018
Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.
Experts tell SHRM Online that businesses should expect cybercrime to rise this year and that combating the problem will require a stay-the-course attitude.
More than 1,050 organizations have publicly disclosed that they were hacked in the first seven months of 2017, leaving more than a billion records compromised, according to Gemalto, a Belcamp, Md.-based digital security company. Gemalto predicts that hacking last year is on pace to match 2016, during which there were 1,985 data breaches.
Experts say companies from Arby's to Uber became vulnerable to hacking because they neglected cybersecurity initiatives in their race to increase business.
"Really, the root of the problem is companies are [moving] so quickly—getting connected to social media, getting more connected to more places, expanding their footprint—that companies are losing track of their critical assets," said Anthony Dagostino, global head of cyber risk at Willis Towers Watson, a global advisory, insurance brokerage and risk management company based in New York City.
Dagostino also told SHRM Online that employee and consumer data is always vulnerable to sophisticated hacking software. The lack of worldwide anti-hacking regulations isn't helping either.
Combating Cybercrime in 2018
Concentrating on tried-and-true anti-hacking methods—such as employee training, educating consumers on phishing software and beefing up IT security—will remain the best way to combat cybercrime in 2018.
"Consumers can be your biggest ally," said Gregory Kuhn, director of technologies at GYMGUYZ, a Plainview, N.Y.-based in-house personal training company. "Have you ever heard of 'see something, say something?' Your consumers can be educated to operate the same way." He said companies should empower their customers to alert them if they suspect a breach.
So Much Crime, Too Few Employees
Another issue facing HR departments is finding enough people skilled to combat cybercrime.
As SHRM Online reported recently, according to Hacking the Skills Shortage, a global report outlining the talent shortage crisis affecting the cybersecurity industry across companies and nations, 82 percent of IT professionals said there is a shortage of people with cybersecurity skills.
In a new report, The Life and Times of Cybersecurity Professionals, by IT researchers at the Enterprise Strategy Group and the Information Systems Security Association, 70 percent of cybersecurity professionals say their companies have been affected by a shortage of employees with cybersecurity skills or training. Unfortunately, the gap between demand and supply of cybersecurity professionals is expected to grow, as the prevalence of cybersecurity attacks continues to rise.
By 2019 there will be a global shortage of 2 million cybersecurity professionals, states ISACA, a nonprofit information security advocacy group based in Rolling Meadows, Ill.
Demand for cybersecurity talent "significantly outstrips the supply of available workers" in every U.S. state, SHRM Online reported. U.S. employers advertised 285,681 cybersecurity job openings during the 12-month period that ended in September 2017. Nationwide, over 746,000 people work as cybersecurity professionals, according to CyberSeek, a project of the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.S. Department of Commerce.
[SHRM members-only HR Q&A: How to Safeguard Employee Information]
New Global Law Governing Security
Perhaps the biggest weapon against cybercrime is coming in May 2018: The European Union's General Data Protection Regulation (GDPR), which streamlines privacy laws across Europe and imposes fines of up to 20 million euros for foreign and domestic companies whose cybersecurity systems allow breaches of European citizens' data. The regulation took about two years to craft and was approved by the EU Parliament in April 2016. Regulations in the U.S. are on a state-by-state basis.
New anti-hacking technologies are expected to appear on the market in the coming year; but time will tell if they exceed proven procedures already in place, experts say.
"There are new technologies that intend to identify subtle signals in the way users behave on a network and escalate those for investigation," said Michael Hamilton, founder and president of Seattle-based Critical Infomatics, a cybersecurity detection and retention company.
"These include artificial intelligence and machine learning. However, humans need to remain in that loop. Qualified practitioners are in short supply, expensive and difficult to retain—and this continues to be rate-limiting with respect to getting firmly in front of the problem," he said.
But experts say all is not lost.
"It is inevitable that hacking will continue. Attackers are well-organized and well-funded. Despite this, we should be optimistic about the future of global IT," said Mike Bousquet, co-founder and CEO of Austin, Texas-based identity management company Groove.id.
"New technologies emerge every day along with new companies to bring them to market. There are real people behind these technologies and companies, and good will prevail over evil."
Was this article useful? SHRM offers thousands of tools, templates and other exclusive member benefits, including compliance updates, sample policies, HR expert advice, education discounts, a growing online member community and much more. Join/Renew Now and let SHRM help you work smarter.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Please sign in as a SHRM member before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
HR Education in a City Near You
SHRM’s HR Vendor Directory contains over 3,200 companies