Cybersecurity has been a relevant issue for all industries for years and was recently reported to be the top global business risk for 2024. This data emphasizes that robust cybersecurity infrastructure will only become more important as new and emerging technologies evolve. While these technologies will make organizations more efficient, they also open companies to new challenges and risks when it comes to keeping their data safe and secure from bad actors and external attacks.
The staffing industry in particular manages many individuals’ data and clients’ confidential information, and it interfaces with numerous businesses to connect employee to employer. Bearing this in mind, staffing agencies and organizations must recognize the importance of protecting data from a client and talent perspective — and work together to keep information secure.
The Government Accountability Office (GAO) reported that, across all industries, cyber crimes through phishing and ransomware attacks have resulted in hundreds of billions of dollars in losses — and importantly, they cited a lack of a central repository for cybercrime data as a key barrier to the prevention of future attacks. This is certainly true when it comes to the staffing industry, in which incidents are frequent but communication between organizations is inconsistent. For instance, three separate staffing agencies experienced major data breaches and information leaks within months of one another at the end of last year. In one case, 70,000 employees’ Social Security numbers were leaked after an unauthorized actor accessed the company’s IT network.
The current information-sharing structure — or lack thereof — limits all staffing agencies’ ability to shield themselves, their clients and their talent from these cyber attacks. Information is siloed within organizations such that there is no established avenue through which an agency can alert others when information is compromised or scams are attempted.
This is why I co-founded the Staffing Cybersecurity Peer Group with cybersecurity leaders at staffing agencies including Aquent, Randstad, TrueBlue, Wood Personnel Services, EmployBridge and others. This collaborative effort connected agencies in order to share information in real time, increase cybersecurity awareness and mitigate risk across the industry. When it comes to cybersecurity, we are not competitors: we are made stronger by working together.
PREMIUM CONTENT: March 2024 Jobs Report
There is no question that cybersecurity attacks are on the rise — and they will only continue to be, especially as our workplaces become more dependent on technology. Cyberattack trends increased 38% globally in 2022, and an even greater surge occurred in 2023. Today’s employees work from all over, connecting to different WiFi networks and signing into secure business platforms remotely, increasing the risk of accidental breaches or bad actors. Organizations must strengthen their cybersecurity measures to adapt to the changing ways employees work.
An integrated approach to cybersecurity detection and prevention also involves education about what these attempts may look like and how to properly handle and report them. Studies show that 74% of data breaches involve human involvement, including social engineering attacks, errors or misuse. As technology grows more sophisticated, so must our workforce’s literacy around these scams. Recently, a finance worker paid a hacker $25 million after a video call with the company’s chief financial officer that he later found out was a deepfake.
Employees are on the front lines when it comes to reducing cyberattacks, so educating employees about these tactics will help keep information and data secure. Reporting suspicious activity, maintaining strong passwords and utilizing multi-factor authentication whenever possible are some steps that companies and employees can take to protect themselves from attacks. In fact, 80% of organizations find that phishing awareness training reduces the risk that employees fall victim to an attempt.
Still, these internal measures are not enough on their own. The best cybersecurity risk mitigation means sharing key information about attacks and attempted breaches between organizations across the industry.
The more organizations that participate in information-sharing initiatives, such as the Staffing Cybersecurity Peer Group, the more momentum we will build within our industry, and the more empowered our organizations will become. It’s time we see ourselves as advocates for our industry and recognize that while our organization’s data may not be breached today, without the right tools and information, it is only a matter of time. We have a responsibility to act now to protect our clients, talent and industry.