Posts

GDPR and the Future of Remote Work: What HR Needs to Know

The General Data Protection Regulation (GDPR) is one of the most comprehensive and impactful cybersecurity laws today. While this EU regulation passed in 2018, companies today would benefit from reevaluating their compliance. As remote work becomes the norm, the GDPR and HR’s relationship is back in the spotlight.

Many companies may be complacent about the GDPR, assuming all their operations and partners are already compliant. However, Amazon’s recent $887 million non-compliance fine highlights how these assumptions may be inaccurate. In the move to a more remote-friendly work environment, businesses have also introduced new risks and considerations.

Three years after the GDPR’s passing, compliance is perhaps more important today than ever. Here’s what HR professionals should know while preparing for the future of remote work.

The GDPR is becoming increasingly relevant.

Amazon’s record-breaking fine demonstrates how crucial GDPR compliance is, even for non-EU companies. These regulations carry fines of up to €20 million per violation, enough to put a smaller business in financial ruin. Additionally, many companies that once fell outside of GDPR jurisdiction may now find themselves in it.

Digital adoption leaped five years in eight weeks amid the initial COVID-19 outbreak. Consequently, more businesses are collecting more data than ever before. It’s highly likely that U.S. companies now collect or store data in the EU, putting them under the GDPR.

Since businesses are embracing digital transformation so rapidly, HR departments may not have had time to catch up. Regulatory compliance has likely lagged behind the shift to new technologies and processes. As a result, companies that were GDPR compliant last year may not be any longer.

Perhaps the most impactful of these shifts is the one to remote work. A late-2020 survey of 1,200 global companies revealed that 72 percent of their workforce now works remotely. Furthermore, most companies plan on expanding their remote workforce this year, raising concerns for the GDPR and HR.

Remote work introduces new data security concerns.

The relationship between the GDPR and HR becomes more complicated with a remote workforce. Some rules become more challenging to enforce. For example, companies must notify authorities no later than 72 hours after a breach, but remote communication can be inefficient. Understanding what happened and informing all potentially affected employees may take longer.

Similarly, ensuring employees follow the proper device and network security steps can be challenging with remote workers. One survey found that 76 percent of remote workers have accessed work files with non-protected devices. When employees are on their own, using personal devices on home networks, ensuring compliance is far from straightforward.

Remote work means companies, including their HR departments, are more reliant on digital communication than ever. Consequently, they’re at greater risk of non-compliance from hackers, user error, or non-compliant third-party services.

Since HR is often responsible for companies’ regulatory compliance, they bear much of the responsibility for the GDPR. Additionally, HR departments handle some of a business’s most sensitive data, like employees’ personally identifiable information (PII). Managing that data in a digital, remote environment makes it more susceptible to a breach.

What can HR do to ensure GDPR compliance?

In light of these growing concerns, HR professionals must become familiar with the GDPR. As they shift to remote work environments, they should reassess the steps they take towards compliance.

Remote monitoring software can help reduce security-jeopardizing user errors, but HR should balance this protection with privacy. The GDPR allows monitoring, but only in some contexts, requiring businesses to have legitimate reasons, among other considerations. Generally speaking, it’s best to use as minimally intrusive measures as possible and be transparent with workers about it.

If companies change what employee data they collect or how they use it, HR should inform workers. Worker consent and their right to be informed are crucial aspects of both the GDPR and HR’s responsibility. Similarly, HR should ensure any process or technology changes uphold employees’ right to delete their personal data.

Hiring a data protection officer is one of the most helpful changes a company can make. The GDPR requires this in some organizations, but even those that don’t need one should consider it. By creating such a position, HR can have a go-to contact for questions about cybersecurity regulatory compliance.

Cybersecurity is a crucial part of HR today.

Cybersecurity might not typically be something people expect of HR, but the two fields are inseparable today. HR plays a critical role in protecting employee data and meeting relevant regulations. As such, HR professionals must prepare for how the shift to remote work will impact their GDPR compliance.

As cyber threats rise and remote work introduces new risks, the GDPR must become a point of focus again. HR teams should work with IT departments and management to reassess and adjust their GDPR compliance. Failure to do so can result in massive fines and the infringement of employee rights.

Hybrid Work: Transform Your Workplace with Security and Collaboration

The future of work is hybrid–with over 50 percent of people saying they’d prefer to work from home at least three days per week. But many workplaces don’t have the tools in place to make the transition to this new working style.

To implement hybrid work successfully, organizations need streamlined communication and security for safe collaboration and inclusive communication. By selecting the right tech tools and organizational strategies, hybrid work can be a boon for productivity, employee engagement, and even DEI.

Our Guest: Jeetu Patel, Cisco’s Executive VP and General Manager of Security and Collaboration

On the latest #WorkTrends podcast, I spoke with Jeetu Patel, Executive VP and General Manager of Security and Collaboration at Cisco. He leads business strategy and development and also owns P&L responsibility for this multibillion-dollar portfolio. Utilizing his product design and development expertise and innate market understanding, he creates high-growth Software as a Service (SaaS) businesses. His team creates and designs meaningfully differentiated products that diverge in the way they’re conceived, built, priced, packaged, and sold.

To successfully achieve these things, Jeetu stays open-minded and flexible, especially when it comes to hybrid work. In order to ensure that experiences are great for employees, he says organizations need to understand that people typically work better in a “mixed-mode.”

“The future of work will be hybrid. Sometimes people will work from the office, other times, from home. In this ‘mixed-mode’ reality, it is going to be harder than when everyone worked in the office. And the reason for that is there’s more of an opportunity for people to feel left out,” Jeetu says.

To prevent feelings of exclusion, organizations must implement tech solutions for collaboration. At Cisco, they provide various options for remote workers to participate in company goings-on. For instance, they allow people to engage in asynchronous communication, sending stand-alone video messages to contribute ideas. They also use things like Webex and Thrive to make sure everyone is up to date on what’s happening.

“You’ve gotta have the right tools and technology to collaborate in a frictionless manner,” Jeetu says. “You need world-class connectivity and delightful software experiences that can allow you to collaborate, be secure, and not have to worry about someone hacking into your system.”

How Hybrid Work Can Strengthen DEI Efforts

Part of creating a frictionless hybrid work system is focusing on diversity, equity, and inclusion. Jeetu explains that DEI should be prioritized in hybrid work scenarios because it’s the right thing to do.

“No one should feel left out because of their race, gender, ethnicity, geography, language preference, or personality type,” Jeetu says. “Those things shouldn’t make people feel like they don’t have the opportunity to participate.” 

Hybrid work empowers organizations to focus on DEI because it gives global access to talent. Opportunity is unevenly distributed all over the planet, explains Jeetu, while human potential is not. So hybrid work can help make positive changes in the workforce regarding issues of equality.

“Hybrid work allows people of all types to feel that they have a level playing field,” Jeetu says. “People shouldn’t have to feel like they have to choose between where they want to live and having access to a career opportunity. They should be able to do both.” 

I hope you enjoy this episode of #WorkTrends, sponsored by Cisco. You can learn more about integrating hybrid work into your organization by connecting with Jeetu Patel on LinkedIn.

Also, on Wednesday, October 20, 2021, from 1:30-2:00 pm ET, don’t miss our #WorkTrends Twitter chat with Cisco (@Cisco).

During this live chat, our global “world of work” community will discuss how companies can develop an intelligent workplace, how collaboration tools empower the hybrid work model, and more. Be sure to follow @TalentCulture on Twitter for all the questions and add #WorkTrends to your tweets so others can see your opinions and ideas!

Create a Culture of Cybersecurity: Teach Employees to ‘Catch a Phish’

In 2020, 74 percent of U.S. organizations said they succumbed to a phishing attack. As today’s news cycle fills with ransomware headlines and remote connectivity continues​, it’s increasingly essential for companies to implement action plans for cybersecurity awareness. Phishing can get both people and businesses into all sorts of deep water.

The word “phishing” is commonly used as an umbrella term for a variety of attacks, though the overarching category that phishing falls into is called social engineering. Social engineers prey on human nature with the intent to manipulate a person to take a specific action. Phishing refers to the most common type of social engineering: fraudulent emails sent to many people.

The idea is to cast a wide net with simple bait—fake communication that often impersonates an individual or brand. Phishing works because it taps some of the most basic human traits (curiosity, carelessness, fear of missing out), and scammers know how to use those traits to their advantage. They hook you with an email, text message, phone call, or social media message. Then, they lure you in with a malicious link or attachment and then make the catch–: stolen login credentials or a compromised system.

Many companies attempt to create a culture of cybersecurity and phishing awareness by using scare tactics. These can make employees annoyed at your IT team—or worse, resentful. They may even feel so anxious about phishing that they won’t click on any link or attachment—even important ones. At the end of the day, negative emotions won’t help you build an effective culture of cybersecurity awareness. HR departments should make it their goal to nurture a blame-free, empowering security culture where all employees feel they are contributing to a shared goal.

Create a culture of cybersecurity.

In a well-functioning culture of cybersecurity, employees understand their roles in protecting your company’s data and IT resources. They are active participants in ongoing security conversations. Also, they have the tools they need to maintain good security habits without impeding their work. A blame-free culture doesn’t mean a lack of accountability. Instead of using a punitive model, however, find other ways that motivate employees to follow policies and strong security habits. For example:

  • Don’t instill fear in employees with threats of termination for repeatedly falling for simulated phishing.
  • Do implement a buddy system that appoints a peer to be a team or department’s cybersecurity expert.
  • Don’t require employees to reuse or write down their passwords.
  • Do provide appropriate resources and tools, such as password managers, so employees can use and manage strong passwords.

A recent Dashlane and Harris Poll survey found that 79 percent of employees take at least some personal responsibility for their company’s overall security. Employees want to be part of the solution, and companies need to show them how they can do that.

Implement a cybersecurity education, training, and awareness program.

Phishing trends sound unsettling—but by educating and training your employees, you will empower them with the knowledge to avoid taking the bait. A successful cybersecurity education, training, and awareness program should answer why security matters to your company. It should communicate to employees why they should care about security. Additionally, it should explain how cybercriminals target and attack businesses and what actions employees can take in the course of their day to enhance security.

Conduct simulated phishing campaigns.

To help employees recognize phishing and risky actions through first-hand experiences, use a “show, don’t tell” approach with simulated phishing tests. Phishers may not always have perfect spelling, but they shine at psychology and human behavior. And they’re meticulous researchers. By conducting regular mock phishing campaigns, you can turn employees from a weak link in company security to points of strength.

In addition to serving as practice for employees, the phishing tests measure how many people open the emails, click on the links and attachments, and complete the final action (such as entering their login credentials). You can use these metrics to track the effectiveness of your program over time and identify areas that need additional education and awareness.

Boost phishing defenses with additional tools and processes.

Education and awareness are empowering, but you still need to provide tools and implement strategies that support and promote secure practices. Train employees on how to identify and report suspected security incidents and threats, including phishing attacks. Consider creating a special email or channel for employees to reach out to.

Specifically, businesses must also train employees to recognize phishing attempts and social engineering. In addition, they need to adopt a password manager and multi-factor authentication to improve digital hygiene and security. Cybersecurity is as much about people as it is about technology. Businesses need to educate their entire workforce and provide them with tools they will actually use. Doing so makes their lives easier, both at work and at home. Some quick tips for catching a phish include:

  • Check the subject line of an email for a sense of urgency, scare tactics, or an enticing offer.
  • Ensure the email address matches the sender’s name and/or company.
  • Before clicking, look out for poor spelling and grammar, or unusual/awkward use of language.
  • Don’t be fooled by personalization because scammers can also learn your personal details.
  • Adopt technologies like endpoint security, password managers, and email security.

Many businesses are improving their security technologies and processes to make it harder for phishers to hook their employees. But phishers will continue to find novel, unexpected ways to lure people with social engineering. Your best defense is planning for the unexpected and empowering employees with current knowledge, appropriate tools, and ongoing awareness. Companies can only achieve a culture of cybersecurity if everyone is engaged. Cybersecurity is not something only IT and tech-savvy employees can care about. HR departments need to remember that promoting positive cybersecurity awareness will lead to a culture of security––not scare tactics.

Building the Future Through STEM [Podcast]

STEM, an acronym for the fields of science, technology, engineering, and math, will greatly affect the future of work. STEM is at the core of innovative technologies, driving not just the success of businesses, but medical advancements, education, and more.

The demand for tech workers and engineers is especially growing, and some worry that our educational system isn’t keeping up. When the time comes for current technical talent to retire, how can we prepare upcoming generations to take over?

Our Guest: Speaker, Author, and Futurist Rachael Mann

I was excited to welcome back Rachael Mann for a second time to the #WorkTrends podcast. Rachael is a futurist with a passion for tech and science. She frequently speaks at events across the country, channeling her 14 years of classroom teaching experience to lecture on topics ranging from disruptive technology, education, and careers. She is the author of The Spaces You Will Go, co-authored the book Martians in Your Classroom, is a founding member of the Council on the Future of Education, president-elect for the NCLA executive board, and vice-president of New and Related Services for ACTE.

One of the biggest issues STEM faces right now is education, says Rachael. Basically, schools should offer it as a part of their curriculum to make young people aware of its existence. And there need to be more opportunities for experts to teach it.

“We need to offer the right education in order for kids to be interested in STEM. But we also need the right teachers,” Rachael says. “And I think that really has a huge impact on the workforce. Students aren’t seeing science, engineering, math, and tech role models or understanding what opportunities are out there for them.”

Of course, parents play a vital role in inspiring future generations to get into STEM too.

“There are so many free resources available to parents with hands-on, fun activities. Give kids books with characters that they can relate to who are interested in science and tech. I wrote a children’s book called The Spaces You’ll Go about a little girl named Cass with her kangaroo robot, and they’re exploring space-related careers,” Rachael says. “These kinds of activities allow children to envision themselves someday in a field that they’re curious about.”

STEM: Our Future May Depend on It

By incorporating STEM into education, kids can learn from a young age that their work can have a positive impact. This early exposure can get them passionate about big world issues moving forward.

“Whether it’s this global pandemic, cybersecurity attacks … overpopulation, renewable energy,  anti-aging therapies, there are just so many problems connected to STEM,” Rachael says. “And when it comes down to it, those big problems offer the biggest opportunities for young people to change the world through their careers.”

Of course, while a lot of technical and scientific knowledge comes with STEM skill development, it’s important to focus on the human aspects of the fields as well. After all, we’re using STEM to improve life on Earth and our interactions and connections with each other.

“We have to be more human,” Rachael says. “As we think about technology and advancing the world, it’s more important than ever to focus on humanity and the skills that can’t be replaced by robots or technology.”

I hope you enjoy this episode of #WorkTrends. You can learn more about technology, science, and STEM education by connecting with Rachael Mann on LinkedIn.

Image by Gerd Altmann

4 Ways HR Can Help Accelerate Digital Transformations

Companies worldwide are launching rapid digital transformation strategies. Their goal: To keep pace with the increase in customer demand for seamless delivery of products, services, and experiences. So in many circles, the question becomes: How can HR help accelerate digital transformations?

To meet these lofty goals and expectations, departments within these organizations need the right technology and the right people. Otherwise, they might miss the opportunity to discover new ways of doing business and innovating through increased digitization. This means human resource departments have a significant role to play in digital transformation.

HR leaders must work alongside IT leaders to accelerate digital transformations and coalesce around priorities. For leaders to succeed in digital transformation, they must be on the same page while removing the barriers of a top-down, hierarchical approach. Leaders must work together to best reallocate resources and spread work and management of work across teams.

Plenty of well-intentioned companies nail the details of digital transformation. Details such as knowing what makes a good user story, understanding the difference between product and project, and finding opportunities to automate deployments whenever possible. The challenges arise with people, culture, and scale. That’s where HR can play an important role.

As many leaders have already learned, digital transformation affects everyone in an organization. Because they are so focused on the daunting task in front of them, this can be difficult for transformational leaders to think about. Proactively communicating with existing teams about how digital transformations will positively affect them and why it’s best for the organization, though, helps everyone.

Because in the end, digital transformation is as much a cultural transformation as it is a business and technology transformation.

Look No Further

The ongoing pandemic hasn’t slowed digital transformation. Despite layoffs and deep budget cuts at countless companies, a large majority (70 percent) of CIOs say their budgets and staffing numbers underwent reductions of less than 10 percent in the aftermath of COVID-19. The top priority of budgets in 2021? Digital transformation, of course. In fact, 77.3 percent of CIOs ranked this endeavor as the most pressing concern this year (ahead of cybersecurity).

So why should HR departments step in as a source for solutions to these problems? Well, the momentum from IT departments toward digital transformation is significant for HR. The reason is simple: Technology alone cannot make for a successful digital transformation. It’s a total team effort in which HR has a big role to play.

Yes, IT can take care of the technology side of the digital transformation equation. However, HR has a shared responsibility. Attracting, retaining, and reskilling the human actors who understand how to both derive value from technology and innovate new ways of doing business digitally is another piece of the puzzle. Without the right talent, even the biggest transformation budget won’t succeed. Teams need the right human resources in place.

Easier for Everyone

Here are a few tips for HR leaders who aspire to work in tandem with IT to accelerate digital transformation to achieve the ultimate goal of building products that customers want to buy and increase revenue.

1. Talk it out

Communicate with IT openly about the culture change and plan to distribute the emotional load. And start those conversations early. Hold discussions about how the culture might change and how some employees might not love the process of digital transformation. HR, technology, and product teams can also share the responsibilities to make sure digital talent and older business lines work well together.

2. Embrace change

Gain a solid understanding from IT on how roles will change as a result of accelerating digital transformation. As the stewards of human abilities within an organization, HR needs to know what qualities to look for in the next generation of talent. This talent pool will have new skills every year or so, making skills secondary to learning ability and work ethic. As an HR leader, you can help find the next generation of digital talent. Start by changing job descriptions to reflect digital values, such as adaptive learning and grit, rather than hard credentials.

3. Promote retention

In many organizations, HR controls (or has a lot of say in) promotion decisions. Digital transformations are a serious uphill battle for product and technology leaders everywhere. And one of the biggest momentum killers is top digital talent leaving an organization. This is especially disheartening when they leave because they feel transformational work is not rewarded or appreciated by the culture. Work with technology and product teams to rework incentives. Ensure the company rewards digital talent. And keep your focus on retaining the talent required to ensure enough forward progress.

4. Prioritize education

Develop new training programs with IT that promote collaboration, prototyping, and decision-making alongside technical skills. You can also help by preparing digital talent in cross-functional environments. As you do, know that maximizing teamwork will likely achieve better results than maximizing individual performance. Companies can expect to see more success in their digital transformations by training UI/UX designers, product owners, scrum masters, and engineers together. That way, students can practice the handoffs and negotiation skills required in a digital world.

It bears repeating: Accelerating digital transformation requires a cultural shift just as much as it does a technology or business shift. When IT and HR work together, they can create a more stable environment that makes digital transformation easier for everyone.

Image by Victoriasky1

Changing Skill Sets for Changing Times: 5 Focus Areas for 2021

What skill sets are employers looking for most in 2021? How can they partner with employees to develop these sought-after skills?

In 2020, the COVID-19 pandemic – alongside countless social justice movements – shaped the world in a new way. Now, employers must reevaluate their businesses and see what new skills match the world’s ever-changing landscape.

For employers in 2021, what follows are five of the most in-demand skill sets for our changing times. By enabling growth in these areas, employers across all industries will help their employees and prospective teammates thrive in our post-pandemic workplace.

Skill Set 1: Remote Teamwork

The most obvious change to come from the pandemic is the new work-from-home dynamic. According to Pew Research Center, 71% of employees were working remotely as of December 2020. Given this new landscape, employees need resources — primarily, they need technology to connect and work together.

Businesses should focus on hiring talented individuals who know remote working systems well. In addition, helping current employees further adapt by getting them the resources they need will instantly improve work efficiency. Critically, all workers must have communication channels available, like Slack or Google Meet.

A lack of teamwork causes a communication breakdown and disrupts the company’s goals. But the solution is to provide the right technology and assistance.

Skill Set 2: Time Management

With remote work, limited office capacities, and social distancing, many employers changed their schedules to accommodate health and safety concerns and physical space. Now, many in the workplace may start and end work at different times. These alterations force a focus on time management.

New and existing employees should demonstrate that they can independently manage their time, schedules, and projects. Employers and HR managers should emphasize helping talent learn to meet deadlines efficiently while assisting fellow employees stay on track, further developing time management across their teams.

Of course, employers should continue being flexible with remote work teams. Allowing employees to choose their own hours lets them build their work schedules around home commitments. They can then work when they’re at their most productive, distraction-free – which is the best possible form of time management.

Skill Set 3: Soft Skills

A people-first approach helps a company stand out in the crowd. So employers may not consider soft skills “soft” for much longer.

As social justice movements and awareness grow, soft skills add the human factor businesses need. These skills include adaptability, emotional intelligence, creativity, collaboration, active listening, and knowing how to help other employees thrive.

Soft skills also lead to solutions that put public safety first. For instance, curbside pickup and delivery have been a creative solution for shopping. Employers want workers who can come up with service and people-focused ideas like these.

Businesses also need to recognize and reward employees who can slip in and out of new roles depending on what the company needs. The pandemic has put pressure on companies of all sizes — and they all need employees trained to be adaptable to these changes.

Skill Set 4: Social Media Marketing

Social media has been around a long time; however, 2020 brought a new way to use these digital bullhorns. Specifically, platforms like Facebook, Instagram, and TikTok help influence and reach the 3.6 billion people who used social media in 2020.

Instagram recently added a shopping tab, which companies of all kinds can use. Facebook Marketplace continues to have a significant impact on shopping habits. Combined with the growth of TikTok’s influence, employees will want to know how to curate a business page and list the company’s products or services in an engaging way. So smart employers are looking for new employees with these talents and will cross-train existing employees to further leverage e-commerce channels.

Moreover, social media is where social justice movements, new trends, and pop culture moments happen. If employees stay current, they can add meaningful or relatable approaches to the brand’s social media pages.

Skill Set 5: Cybersecurity

As the pandemic hit the United States, people wanted information about employment, finances, and staying safe. With countless people and businesses turning to the internet for resources, cybercrime shot up drastically. Still, as people try to get vaccines, phishing scams run rampant. The FBI reported between 3,000 to 4,000 cybersecurity complaints daily last summer.

If a business faces a breach, scam, hack, or malware attack, it could lose sensitive data, like employee or client Social Security numbers and bank accounts. To prevent this catastrophic loss of data and trust, businesses must focus on hiring cybersecurity professionals and upskilling entire IT teams. Simultaneously, managers are helping current employees learn the ins and outs of cybersecurity.

Still, the best employers know cybersecurity is an industry of its own, and specialization often requires years of training. Now more than ever, it’s in every company’s best interests to focus on retaining cybersecurity talent or securing reliable outside services.

Skill Sets 2021: A New Employee Landscape

The unemployment rate is still coming down from April 2020’s record high. On the positive side, there’s plenty of new, eager talent looking to make a difference. And existing employees are showing genuine interest in providing the reskilling and upskilling to update in-demand skill sets. By focusing on these five areas of skills development, your company can revolutionize your workforce and create lasting talent pipelines – even in changing times.

 

The IT Job Market Is Booming and It’s Easier To Get a Job in the Industry Than You Think

Do you speak IT?

The information technology job market is as strong as it’s ever been, with tens of thousands of highly lucrative and unfilled IT jobs available throughout the country.

And the barriers to entry in IT are lower than most people think — even for professionals already established in other fields, according to the Computing Technology Industry Association (CompTIA), a leading destination for training, certification and ultimately a career in technology.

“A commitment to learning, self-growth and finding a job that lets you capitalize on your innate strengths are some of the most important factors involved in switching careers into IT,” CompTIA says in its guide for shifting into an IT career.

Interested in working in IT or spreading the word about IT jobs? Here’s a look at the state of the IT job market and how professionals of all types can take advantages of these job opportunities.

The IT Boom Continues

The IT industry, already growing rapidly, is expected to outpace the overall economy’s growth in the coming years. The U.S. Bureau of Labor and Statistics has projected that computer and information technology occupations will grow 13 percent from 2016 to 2026, well above the average growth rate for all occupations. Demand for these workers will be driven in part by a greater emphasis on cloud computing, big data and information security.

Recent trends indicate the boom is underway. U.S. IT sector employment expanded by an estimated 11,700 jobs in October, the strongest showing since this spring, according to an analysis by CompTIA. Hiring for tech jobs across the entire economy also bounced back in October, as employers added about 107,000 positions, CompTIA’s analysis of the latest BLS Employment Situation report says.

“The data confirms software, data and emerging tech skills continue to be hot commodities in the job market, which often overshadows the fact that employers are also in hiring mode for many core positions, such as networking, IT support and cybersecurity,” says Tim Herbert, senior vice president for research and market intelligence at CompTIA.

Switching Is Surprisingly Easy

Switching to a career in IT is well within reach for many professionals, even if it may seem daunting, CompTIA says. The group says anyone with the desire to get an IT job can find one that suits their unique skills, talents and interests. In fact, there’s a good chance that many of the soft skills you already have can be leveraged for a career in IT.

When considering a switch, CompTIA suggests first determining what you want out of an IT career. Start by asking yourself what you’re passionate about. How much money do you want to be earning? What makes you happy in a professional sense? Helping people? Solving problems? Being able to show off your creative side? These are questions you should work through as you begin to research possible career options.

Next you’ll need to research and compare training options such as CompTIA’s CertMaster Practice for IT Fundamentals+. It’s also important to identify any applicable certification options. CompTIA’s 4 Steps to Certification guide and its Get into IT digital brochure are good places to start exploring certifications and how they can help make you a more marketable job candidate.

It also makes sense to read IT job descriptions and talk to IT professionals to determine which technology jobs best meet your skills and interests. This could involve watching day-in-the-life videos on YouTube and on the CompTIA website, or attending informational webinars about IT careers and technology trends.

CompTIA also offers a free career quiz to see if you’re well-suited for a career in IT.

Emerging Technologies in Demand

Data indicates that emerging technologies are going to play an even larger role in the IT job market moving forward, powered by advances in AI, blockchain, big data and machine learning.

A recent CompTIA analysis of employer job data found that companies had advertised for more than 282,000 positions in emerging technologies year-to-date, an increase of 65 percent over the same period in 2017. In comparison, overall IT job postings recorded a 30 percent increase year-over-year.

Employer demand for cybersecurity professionals across the U.S. also continues to accelerate, CompTIA says. U.S. employers posted about 314,000 job openings for cybersecurity workers between September 2017 and August 2018. That’s in addition to the 715,000-plus cybersecurity workers currently employed around the country.

“Efforts to address the shortage of cybersecurity workers are underway on many fronts, but progress has been frustratingly slow,” says Todd Thibodeaux, president and CEO of CompTIA. “The threats are real and growing, with the potential to impact the livelihood of any organization. Our current cybersecurity workforce is doing what it can to keep us protected. It’s critical for private-sector companies and public-sector agencies to take the actions necessary to bring more people into the cybersecurity workforce, and to equip them with the appropriate education, training and certifications.”

This post is sponsored by CompTIA.

 

Big Data and Privacy: The Human Consequence of Security Breaches

According to the Identity Theft Resource Center (ITRC), there were 781 U.S. data breaches last year, and the risk is predicted to grow exponentially. Data privacy is one of the biggest threats facing businesses this year and, in years to come.

Breaches over the past few years at companies like Sony, Target, Home Depot, and Anthem have grabbed headlines and exposed the personal details of millions of people—not to mention personal correspondence and backroom gossip. Incidents like these don’t just trigger a PR nightmare that can sink sales and injure a brand’s reputation; there are human consequences faced by the people involved: Customers, partners, and especially employees.

In the wake of any data breach, you’ll find stress and damage to employee morale—a drop in productivity, as well as speculation, blame, and anxiety about potential career ramifications for anyone involved. There are also hard internal costs: After the breach at Sony, for example, the company paid $8 million in damages to its employees for identity theft, compromised personal information, as well as the resulting legal fees.

Protecting big data, privacy, and your staff means keeping information secure and taking a measured response if an incident occurs.

The Stress of Keeping Big Data Secure

There are different types of data breaches. As listed by the ITRC, hacking topped the list—followed by “Employee Error/Negligence” and “Accidental Email/Internet Exposure.” Security breaches can be malicious, but they often aren’t; exposure can come from something as simple as trying to fix a broken hard drive, like the situation that could have exposed the personal records of 70 million veterans in 2008.

The responsibility to keep data safe isn’t one people take lightly, but it can be intense—and that, perhaps ironically, is when the risk of a breach can go up.

One survey found that “burdensome, complex, and ambiguous information security requirements” can put a lot of pressure on employees, which makes them more likely to violate established information security policies. Other studies have found that people often use “neutralization techniques,” downplaying or ignoring certain values, as a means of justifying policy violations.

Here are steps you can take to help minimize the risk and the related stress on your employees.

Keep Data Secure but Accessible

The first step to preventing a security breach is to tighten high-level security: Identify data that needs to be kept secure and who needs to have access. Leveraging big data to get an advantage over competitors is essential for business strategy, but limiting access helps reduce the possibility of human error.

You must carefully maintain any customer data for business purposes as well as customer safety: Credit card data, purchase histories, personal information, and records of customer interactions can all present opportunities for data breaches.

Whether you store it locally or in the cloud, confidential data should only be available to the professionals who know how to use it. These layers of security can present more issues for IT, but limiting access to an as-needed basis is a critical first step.

Also, never use the same access IDs and passwords for local logins that you use for the cloud.

Educate Employees to Reduce the Risk of Accidents

Employees need training and information to help them make smart data-related decisions with confidence—and to understand when to ask for help.

  • Give employees a robust framework to make decisions about data and information. Make it easy for them to comprehend how they can stay compliant and how to identify when they need to escalate a situation.
  • Provide them with the training the need to understand not just what’s appropriate, but also how they can apply any related skills to their day-to-day work.
  • If employees are accessing sensitive information on unsecured devices, review your company’s “bring your own device” (BYOD) policies. Put safeguards in place that leave no margin for error, not just in securing data and access routes but also giving staff clear expectations.

Engage Employees and Establish Good Habits

As Lucy L. M. Phillips, a consultant with FTI Consulting in London, wrote: “Creating a culture where employees respect data and are motivated to protect the business is critical to cyber security.”

Turning safety procedures into habits can lead to a self-perpetuating cycle of compliance; security considerations become ingrained in employees’ daily processes. Setting a standard operating procedure isn’t enough; to really engage employees in data security, they need to know not just what to do but how to do it properly and why it matters.

In Case of a Potential Breach, Keep Everyone on the Same Page

Chief privacy officers (CPOs) and business owners need to ensure both the security of their information and the safety and sanity of their employees. Safe practices will help both.

  • Have a response strategy and communication plan in place before a situation comes up.
  • Create an incident response team—including IT, HR, and legal—which will be the first involved if a situation occurs. Their role is to manage the process and make sure to notify anyone who might have been affected.
  • Communicate as much as possible without speculating. “Everyone inside the business (and often a lot of people outside) wants to know what’s happening, almost always before there is an accurate understanding of the incident, its impact, and its root cause,” wrote John Parkinson, an affiliate partner at Waterstone Management Group in Chicago. It’s too easy for misinformation and confusion to spread.

Thorough safety protocols, software, and gates are essential, but you need to remember to account for the human element in any data security planning. Give employees the training they need, make data security part of your culture, and make sure your team understands why follow through is critical to keep your corporate—and their own—information safe.

Photo Credit: Share GK via Compfight cc