ABSTRACT
Fast changing technologies and increased sophistication in cyberattacks have heightened the information security and privacy risks for all contemporary organizations. Research shows that security breaches are mainly internal and caused by ignorant and disgruntled employees. As human resource manages employees from recruitment to separation and handles most sensitive personal data of employees in the organization, it plays a critical role in protecting information security and privacy. This chapter provides an overview of the basics of information security and privacy concepts and frameworks. It highlights the major roles human resource functionaries can play in designing, applying, and monitoring appropriate controls throughout the employment cycle, that is, before, during, and after employment to protect information security and privacy.
