GV.RR-04.046

Does your organization consider cybersecurity knowledge as a factor in hiring, training, and employee retention decisions?

Explanation

Organizations that value cybersecurity knowledge in their workforce tend to build stronger security cultures and have employees who make better security decisions. By considering cybersecurity aptitude during hiring, you can ensure new team members have baseline security awareness. Including security in training programs and performance evaluations reinforces its importance and encourages continuous improvement in security practices. Evidence could include: job descriptions that list cybersecurity skills as requirements or preferences, training programs with cybersecurity components, performance evaluation templates that include security-related metrics, or HR policies that document how security knowledge is factored into hiring and retention decisions.

Implementation Example

Consider cybersecurity knowledge to be a positive factor in hiring, training, and retention decisions

ID: GV.RR-04.046

Context

Function: GV: GOVERN
Category: GV.RR: Roles, Responsibilities, and Authorities
Sub-Category: Cybersecurity is included in human resources practices

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub