Cyber security and human resource development implications for the enterprise

Abstract

In contemporary society, cyber security problems are perceived as tightly aligned with the information technology (IT) field. Nevertheless, latent problems lurk within the problem domain. The bulk of cyber security problems consist of technological challenges and solutions; however, technological considerations are necessary but insufficient to fully address cyber security challenges. Most intrusion attempts are ultimately confronted by humans and many intrusion attempts succeed due to cognitive failure. This paper explores potential benefits of integrating activity to address cyber security behavioural exposures with enterprise human resource development (HRD). The human-oriented side of cyber security intersects HRD in three key underlying pillars of the non-technical discipline: economics, systems and psychology. The notion is further strengthened by the profusion of IT asset access throughout most enterprises for most worker roles. Risky cyber security behaviour is consequently a pervasive issue throughout the organisation, as virtually all employees may be confronted by intrusion activity. This paper provides a theoretical framework calling for interdisciplinary involvement throughout the enterprise to maximise cyber security awareness and tailor training for various role types. Findings are intended to more fully inform the HRD community of scholar-practitioners of the urgent need to design, deliver, implement and evaluate initiatives that could be utilised to diminish inappropriate and costly cyber security behaviour in various workplace environments.