ABSTRACT
In the enterprise, cybersecurity programs exist to protect the confidentiality, integrity, and availability of the information of the business. The ultimate goal of any cybersecurity program is to allow the organization to effectively conduct operations while sufficiently reducing financial, reputational, or functional risk. Enterprise solutions involve a widespread array of technical tools including protections for hardware, software, databases, and physical security to reduce this risk, but the most important aspects of any cybersecurity program are the organic pieces between the seats and the keyboards. Human resources departments can be a strong ally for cybersecurity programs. Regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and US Department of Justice require annual training for all employees with access to data. The HIPAA specifies strict controls for the protection of electronic and paper information for people.
