HR & Cyber Collaboration: Practical Steps for People Leaders

An informative guide on Cybersecurity for HR leaders.

Cybersecurity is often seen as the territory of the CIO or IT department—a realm of technology, not people. But in today’s world, where every individual is a potential point of vulnerability, HR leaders cannot afford to take a back seat. You may not code firewalls or patch servers, but the human dimension of cyber risk falls squarely within your remit. With so much already demanding your attention, which key areas truly deserve a focus to help safeguard your organisation?

Josh Bersin, a globally respected analyst and visionary in the field of human resources, has long highlighted the growing intersection of HR and technology. His research offers invaluable guidance for integrating AI into recruitment, enhancing employee experience, and elevating performance management. It’s true that some writing has emerged around how cyber attackers leverage psychological tactics—such as urgency, repetition, and the exploitation of trust—to manipulate individuals within organisations. Yet, even as Bersin and others unpack the future of work and the psychology of cyber threats, there remains a noticeable gap: few have addressed the pressing operational considerations for HR leaders navigating cybersecurity compliance and response.

This gap in the conversation is more pressing than ever. Recent cyber-attacks targeting household names like Marks & Spencer (M&S) and The Co-op have shattered any illusion that cybersecurity is just an IT concern. For HR Directors and Chief People Officers, these incidents are not just cautionary tales—they’re urgent calls to action, revealing the critical necessity of united HR and cybersecurity strategies to protect people, data, and reputation at every phase of the employee lifecycle.

The very recent cyber-attack on Jaguar Land Rover (JLR) adds a fresh and sobering dimension to this trend. In early September 2025, JLR was forced to halt production and instruct factory staff to stay home while it investigated a major breach of its internal systems. For HR leaders, this incident underscores the operational chaos that can follow a breach—not just in data loss, but in workforce disruption. The sudden need to stand down employees, communicate clearly, and maintain morale during uncertainty is a vivid reminder that cyber resilience must be built into every phase of the employee lifecycle.

What follows is a practical guide to the employee lifecycle’s most vulnerable touchpoints. Here, we outline where HR must actively build cybersecurity awareness into operational processes and procedures—and offer actionable advice to help shield your organisation from emerging threats.

Embedding cybersecurity throughout the employee lifecycle

1. Vetting & onboarding: Keeping threats out from day one

High-profile incidents like those at M&S and The Co-op underscore a crucial reality: social engineering and credential compromise often begin long before a hacker writes a single line of code. Sometimes it’s an impersonator (known in the cyber world as a malicious actor) who makes it through your hiring process and gains access to sensitive systems as a trusted insider. That’s why robust vetting isn’t optional—it’s essential.

  • Partner closely with cyber teams to scrutinize digital footprints and verify right-to-work checks; don't simply trust third-party providers—hold them accountable.
  • Employment contracts should clearly lay out immediate (summary) dismissal clauses for malicious activity, ensuring company property and data can be reclaimed swiftly.
  • Flag suspicious onboarding behaviour early and coordinate with cyber experts to prevent credential theft. Map your response pathways before an incident occurs—run mock cyber drills so every stakeholder knows their role in a crisis.

2. Incident investigations: Acting fast, preserving evidence

When cyberattacks hit, financial and reputational damage can escalate quickly. Speed and coordination are your best defenses.

  • HR should lead workplace investigations with a focus on preserving digital evidence and ensuring fairness. Bring in cyber specialists right away for root-cause analysis and technical forensics.
  • Conversely, if the incident is initially identified as a technology issue or cyber risk, involve HR early: working collaboratively strengthens the investigation, supports legal compliance and drives lasting organisational improvements.

3. Culture management: Communicating calm in a crisis

Cyber incidents can create confusion and fear, threatening morale and retention. The solution? Proactive, transparent communication.

  • Work with cyber teams to craft internal crisis communications plans. Keep employees informed to prevent misinformation and panic.
  • Offer support after incidents, from document recovery to external PR, and develop joint response guidance that addresses the people and technology aspects. Test this now; don’t wait for an attack. Think of it as a cyber fire drill: do you know who will need to be in the virtual incident management room?

4. Disciplinaries: Fairness built on facts

Not all suspicious activity is malicious—sometimes it’s human error. When misconduct arises, HR and cyber teams must work together to ensure any disciplinary action is justified and evidence-based.

  • Regularly review disciplinary procedures, especially suspension decisions, to ensure fairness and compliance.
  • With all this talk of cyber and bots, don’t forget the ‘human’ in HR.

5. Bad leavers: Safeguarding data and reputation

Disgruntled employees pose a real risk, from data theft to sabotage. Prevention starts with clear employment contracts, strong employee relations and vigilant line managers, but HR must be ready to act. The organisation needs to be equipped to nip potential threats in the bud and act swiftly if matters escalate.

  • Coordinate with cyber teams to lock down access rights and deploy contractual safeguards that enable rapid incident investigation and system recovery.

6. Risk management: Making people risk central

The financial fallout from attacks at M&S and The Co-op—up to £440m and daily spend drops of 22% and 11% respectively—shows just how vital comprehensive risk management is.

  • Use self-assessment tools to identify and shore up weaknesses in vetting, offboarding, and employee management.
  • Highlight HR’s visibility in risk tracking, both internally and externally—a well-trained workforce is now crucial for winning new business and impressing clients.

Cyber resilience isn’t just about firewalls and passwords—it’s about people. Legislation like the UK Procurement Act 2023 and standards such as ISO 27001 and Cyber Essentials mean that HR leaders must ensure both employees and suppliers are educated, vetted, and aware of the requirements that must be met. Workforce integrity and cyber awareness can now tip the scales in procurement, making HR’s collaboration with cyber teams a competitive advantage too.

Ultimately, effective HR-cyber synergy means safeguarding the organisation at every touchpoint—protecting not only data but also people and reputation.

Putting people-first cyber resilience into practice

So, what does it really take to turn these strategic recommendations into daily reality? Here’s how HR leaders and people operations teams can drive genuine change from policy to practice:

Forge stronger HR-cyber partnerships:

  • Set up a cross-functional HR and cyber security working group that meets regularly to review threats, coordinate responses, and co-design training. Define clear roles at every stage, so HR and IT are always collaborating—not operating in silos.

Refresh policies and communicate with impact:

  • Update all relevant HR policies to reflect the latest lessons from recent cyber incidents. Make sure changes are clearly communicated—through targeted briefings, intranet updates, and engaging training sessions—so everyone knows what’s expected.

Embed security in everyday processes:

  • Where possible, automate key controls and connect your HR and IT systems for instant alerts and seamless evidence trails. Equip teams with checklists and ready-to-use templates for fast, coordinated incident response.

Build skills and confidence:

  • Schedule regular, joint training for HR, IT, and managers, and run realistic tabletop exercises that walk through potential cyber incidents. These hands-on sessions build confidence and turn theory into action.

Measure, review, evolve:

  • Track key metrics, review incidents together, and create safe spaces for feedback. This ongoing dialogue lets you spot gaps early and continuously improve your safeguards and support.

Champion a culture of shared responsibility:

  • Put HR-cyber collaboration at the heart of your leadership agenda and foster a culture where everyone—from the boardroom to the front line—feels responsible for keeping data and people safe.

By weaving these actions into the fabric of your organisation, you empower your teams to respond quickly, recover confidently, and build the kind of resilient culture that wins trust and impresses both clients and regulators.

Seema Champaneri is an acclaimed HR strategist and thought leader, currently serving as the Commercial HR Rely Lead at Weightmans LLP. With a reputation for bridging commercial priorities and people-centric practices, Seema is known for her innovative approach to integrating HR, technology, and organisational resilience. Her expertise spans change management, risk mitigation, and championing inclusive workplace cultures, making her a trusted advisor to forward-thinking businesses seeking to elevate their people strategies and navigate the evolving world of work.

If you’re ready to strengthen your organisation’s resilience or would like tailored guidance on HR and cyber collaboration, reach out to Seema Champaneri at Weightmans LLP. Connect with her and the team for expert support and practical solutions to safeguard your business and people.