Human Resources professionals have been urged to take the lead in strengthening cybersecurity and ensuring regulatory compliance to protect sensitive organisational and employee data.
This call was made by the Chartered Institute of Personnel Management (CIPM) during its 17th Special Human Resource Forum, held virtually. The event focused on the theme, “The Role of HR in Cybersecurity and Compliance: Protecting Employee and Organisational Data.”
The forum brought together HR leaders, cybersecurity specialists, and regulators to examine HR’s evolving role in managing digital risks. A central message was the need for HR to act as a frontline defence against cyber threats and data breaches.
CIPM President and Chairman of Council, Mallam Ahmed Gobir, delivered a compelling analogy in his opening remarks: “When data becomes gold, HR must become the vault.” He emphasised HR’s unique access to employee data throughout the employment lifecycle, making it central to building cyber resilience.
“When HR gets cyber-smart, the whole organisation becomes cyber-strong,” he added.
Linda Rogers, Executive Coach and Director at Leadership House, stressed the importance of embedding cybersecurity awareness within HR processes. She highlighted the need to manage the Joiners, Movers, Leavers (JML) lifecycle carefully, ensure prompt revocation of access rights, and implement measures to combat phishing.
Rogers also addressed the ethical risks of artificial intelligence, warning that “AI must align with company data policies to prevent exposure and misuse.”
From a regulatory angle, Dr Ayodele Bakare, speaking on behalf of Kashifu Abdullahi, Director-General of the National Information Technology Development Agency (NITDA), underscored the need for third-party risk assessments when engaging vendors.
“Ensure that any partner complies with government and industry standards, and does not introduce cybersecurity risks,” he said. He also urged HR professionals to train employees on data privacy laws and conduct regular audits to “domesticate the NDPA.”
Adeyemi Ajayi, Head of HR at SYNLAB Nigeria, described HR as “a collaborator and a human firewall,” advocating for continuous monitoring of employee access across their career lifespan.
Bashar Babatunde, Acting CTO at Credit Direct Limited, proposed that cybersecurity should operate as a standalone unit, with HR playing a key role in establishing reporting structures to give cyber teams appropriate authority and visibility.
