The Chartered Institute of Personnel Management of Nigeria held its 17th Special Human Resource Forum (SHRF) virtually on Thursday, June 19, focusing on ‘The Role of HR in Cybersecurity and Compliance: Protecting Employee and Organisational Data.’

With an assembly of HR professionals, technology experts, and regulatory authorities, the forum underscored the imperative for HR professionals to transcend traditional functions and assume guardianship of digital trust.

Mallam Ahmed Ladan Gobir, the President and Chairman of the Governing Council of CIPM, in his opening remarks, declared that “when data becomes gold, HR must become the vault”.

He emphasised that in an era where every click and login is logged, HR’s touchpoint with every employee, from onboarding through offboarding, positions it uniquely to shape an organisation’s cyber resilience. He also noted that “when HR gets cybersmart, the whole organization becomes cyber strong.”

Linda Rogers, the Director/Founder and Executive Coach at Leadership House and the forum’s guest speaker, provided a global compliance and cyber risk perspective.

She highlighted the importance of integrating cybersecurity knowledge into HR job descriptions and ongoing professional development.

Citing her experience, she stressed that HR must keep pace with digital transformation by understanding processes such as the Joiners, Movers, Leavers (JML) lifecycle: notifying IT immediately upon employee exit to revoke access and embedding vulnerability protection measures to counter phishing attacks.

On the emerging risks and opportunities of Artificial Intelligence, Rogers urged organisations to agree on approved AI tools (e.g., Copilot) and procure dedicated domains to safeguard data, insisting that AI use remain ethical and aligned with organisational data policies.

Related News

From a regulatory standpoint, Kashifu Inuwa Abdullahi, the Director General/CEO of NITDA, represented by Ayodele Bakare, emphasised the importance of third-party risk assessments when engaging vendors, ensuring compliance with government and industrial frameworks to mitigate data management risks, and strict adherence to the Nigeria Data Protection Act.

Bakare asserted that “when engaging a vendor, conduct third-party risk assessment compliance with government and industrial framework,” ensuring that a partner does not introduce cybersecurity or data management risks and that all practices align with the Nigerian Data Protection Act. This view was echoed when panelists underscored the need for HR to be thoroughly educated on data privacy laws, industry standards, and to “domesticate NDPA” through robust training plans and regular audits.

Addressing the human element,
Adeyemi Ajayi, the Head of Human Resource of SYNLAB Nigeria, stressed that “HR must be a collaborator and have a human firewall,” explaining that organisations need mechanisms to track employee access throughout their tenure. This reflects the idea that HR-led awareness campaigns and phishing simulations help build a vigilant workforce.

On organisational structure, Bashar Logun Babatunde, the Acting Chief Technology Officer of Credit Direct Limited, argued that “cybersecurity should be a standalone division.”

He noted that HR’s role includes advocating for clear reporting lines and ensuring that cyber functions have the authority and visibility needed to act decisively.

Sandra Ukor, the Vice President, Infrastructure Security Cloudware Africa, highlighted technical safeguards, stating that “there must be a right encryption mechanism that includes specified data classification”. She explained that HR must work with IT to classify personal and sensitive data correctly, ensuring that only authorised personnel can access it under appropriate encryption controls.

Ayodele noted that large organisations should designate Data Protection Officers (DPOs) and Data Protection Compliance Officers (DPCOs) to oversee policy implementation; HR plays a key role in staffing and empowering these roles.

As organisations navigate an increasingly complex threat landscape, CIPM emphasises that HR’s proactive engagement in cybersecurity and compliance is no longer optional but essential to safeguarding employee data, organisational reputation, and regulatory standing. Participants left the forum equipped with strategic frameworks and practical recommendations to transform HR into a linchpin of digital defence.

Ifeoma Okeke-Korieocha is the Aviation Correspondent at BusinessDay Media Limited, publishers of BusinessDay Newspapers. She is also the Deputy Editor, BusinessDay Weekender Magazine, the Saturday Weekend edition of BusinessDay. She holds a BSC in Mass Communication from the prestigious University of Nigeria, Nsukka and a Masters degree in Marketing at the University of Lagos. As the lead writer on the aviation desk, Ifeoma is responsible and in charge of the three weekly aviation and travel pages in BusinessDay and BDSunday. She also overseas and edits all pages of BusinessDay Saturday Weekender. She has written various investigative, features and news stories in aviation and business related issues and has been severally nominated for award in the category of Aviation Writer of the Year by the Nigeria Media Nite-Out awards; one of the Nigeria’s most prestigious media awards ceremonies. Ifeoma is a one-time winner of the prestigious Nigeria Media Merit Award under the 'Aviation Writer of the Year' Category. She is the 2025 Eloy Award winner under the Print Media Journalist category. She has undergone several journalism trainings by various prestigious organisations. Ifeoma is also a fellow of the Female Reporters Leadership Fellowship of the Wole Soyinka Centre for Investigative Journalism.

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp