July 21, 2017 by Canadian Underwriter
Willis Towers Watson (WTW) has launched a new cyber work diagnostic tool designed to help bolster organizational readiness by focusing on talent management, emerging skills and roles, and defining the requirements of cyber work.
The idea is to combat an organization’s cyber risks by considering the people piece of cyber security by recruiting, leading and engaging a more cyber-savvy workforce, suggests a statement this week from the global advisory, broking and solution provider.
The company reports the core elements of the new tool include the following:
A recent WTW survey of global company cyber security functions found “companies can benefit from having a deeper understanding of organizational priorities when recruiting for positions in cyber, as well as understanding alternatives and having a comprehensive view of skills gaps and talent deficits,” the company reports.
How does the tool work? Chief information security officers and cyber security leads with HR take part in a workshop series to assess levels of work and organizational needs across their company, including a complete workforce review and plan to identify talent gaps relative to benchmark, WTW explains.
“The tool then addresses a full spectrum of options and provides actionable recommendations for executives to address cyber work readiness,” the company statement adds.
Noting that cyber security is a constantly evolving threat requiring organizational readiness from an effective structure and skilled talent base, WTW emphasizes that it is “essential for human capital experts to assess organizational culture, employee engagement and identify talent and educational gaps to protect against cyber threats.”
“Organizations must give more focus to the people element of cyber risk, particularly within IT functions where vulnerabilities can exist if the right skills and talent are not managing the day-to-day technology of the organization,” Tracey Malcolm, WTW’s future of work leader, says in the company statement.
“It is essential that companies have more sophisticated talent strategies in place to identify vulnerabilities, boost their resiliency and improve employee ‘cyber IQ’,” Malcolm continues.
Anthony Dagostino, WTW’s global head of cyber risk, told Canadian Underwriter this spring that considering human risk is key to determining how best to combat data breaches and associated costs.
However, “companies tend to place a heavy emphasis on investing in technology to improve cyber defences, which is crucial, however, often at the expense of human risk,” Dagostino pointed out.
Because human risk “represents the largest source of data breach claims,” he said, “this creates a compelling argument for organizations to take a more strategic approach to how they allocate their capital across the three main buckets: technology, people and risk transfer.”