CHROs should take a more active role in digital security, Gartner advises

Core Insights - Chief human resources officers (CHROs) need to enhance their role in digital security as HR functions increasingly adopt artificial intelligence and automation tools [1][2] - Gartner outlines four steps for CHROs to ensure data protection: integrating security into HR automation, proactively identifying threats, managing third-party risks, and fostering a security culture [2][6] Group 1: Role of CHROs - CHROs often adopt a passive stance in technology investment decisions, which can lead to significant repercussions during data breaches, including risks to employment brand and intellectual property theft [3] - Many CHROs lack strong digital awareness, hindering their ability to lead AI and digital transformation initiatives [3] Group 2: Data Breaches and Cybersecurity - Data breaches and lawsuits are increasingly frequent, with notable incidents in 2025 involving HR tech vendors and large employers, where personal identifiable information was compromised due to poor security [4] - A ransomware attack on ManpowerGroup in 2024 exemplified the risks, with hackers stealing sensitive documents including Social Security cards and worksite information [4] Group 3: HR's Role in Cybersecurity - Cybersecurity is not solely the responsibility of IT teams; HR plays a crucial role in preventing cyberattacks and managing responses to breaches [5] - HR teams can enhance organizational preparedness through anti-phishing training, incident response plans, and prompt action when issues are reported [5] Group 4: Strategic Security Integration - CHROs can actively incorporate security into their AI and automation strategies from the beginning by improving digital fluency, engaging IT leaders, and including security in all HR tech planning phases [6]