This post was originally published on this site
Human resources leaders are increasingly being pulled into the front lines of workforce protection as identity-based cybersecurity attacks accelerate. In the first half of 2025 alone, these attacks surged 32%, according to Microsoft data, with more than 97% aimed at passwords.
At the same time, cybercriminals are using AI to automate phishing efforts and craft far more convincing social engineering schemes. With employees now serving as the primary shield against these threats, HR’s role in organizational security is becoming more critical and more complex than ever before.
New research from Forrester predicts that by 2026, more than 60% of security leaders will make workforce risk reduction a formal part of their strategy. The shift marks a change in how organizations approach security, moving beyond technology alone to encompass the people who use it.
Agi Garaba, UiPath
“HR can and should play an important role in this topic,” says Agi Garaba, chief people officer at automation platform UiPath. “Internally, HR should focus on building relationships and working closely with stakeholders across the organization, especially in risk, operations, security and IT.”
Additionally, the Forrester research indicates that 40% of security organizations will add a dedicated workforce risk role, creating new opportunities for
