Almost all areas of risk control are getting more expensive, staffing, security systems, cyber insurance, etc. These relatively new costs are cutting into the profits of the HCM industry. These costs are likely to grow for a few years at least and any containment of the costs would go right to the bottom line.

HCM Defender Objectives

• To provide outsourcing services that might help our members not have to hire an expensive and difficult to find full-time security person
• To develop relationships with insurance providers to help lower insurance costs for our members
• To negotiate preferred rates with high quality security vendors so that lower costs can be passed on to all sizes of organizations in the HCM industry

The problem with having a lack of clarity into the types of attacks facing the HCM industry is that the means and motives of digital criminals remains a mystery. By providing a confidential space for HCMs to report on an event, HCM Defender will be able to log what is happening within the market and aggregate that information to warn the industry about specific dangers.

HCM Defender Objectives

•  To build a process so that those in the industry can see the value of, and is motivated to, share details of attacks on their companies confidentially
• To build a database to track all information given about the scope and type of cyberattacks within the industry and look for patterns and consistencies

In a battle to keep from having a serious digital event, acquiring actionable information from a trusted source is important. Today, in the industry, most companies are forced to make do with anecdotal stories from peers.

HCM Defender Objectives

• To cultivate relationships with large industry organizations, such as NAPEO and PACE, to speak at their events, and update the industry on the latest in cybersecurity attack vectors and remediation results

It will help HCM industry leaders to have a trusted and customized set of documentation and best practices to serve as a benchmark of cybersecurity for internal staff. From first developing best practices, then making them standards, then providing certifications that could be used to lower insurance costs and raise customer trust, we will help our members build stronger cybersecurity practices.

HCM Defender Objectives

• To quickly establish documented HCM industry best practices for all areas of cybersecurity.
• To use these as a checklist for HCM leaders to set expectations with their teams and thereby raise the level of defense across the whole industry

The changing cybersecurity insurance market is a real looming danger. The HCM industry will soon find the combination of rising rates and contractual requirements developing into financial hurdles. It is the right time to develop relationships with either vendors or providers who can partner to provide good policies.

HCM Defender Objectives

•  To work with insurance providers to develop specific levels of policies and underwriting methods to serve the various sizes of organizations in the industry
• To negotiate with insurance providers to get lower rates than most HCMs could get individually

When a digital event occurs, there is little time to figure out who can provide the best advice. HCM Defender will be an entity that has no agenda other than helping industry members remediate security events as effectively as possible.

HCM Defender Objectives

• To provide the capability to guide a HCM industry organization through cyber incident response.
• Responses can range from advice in the moments after an event has been detected to actually guiding the incident response until full remediation has occurred.

HCM Defender will invest time to find the best security vendor solutions and negotiate industry pricing. We will also train the vendors on the HCM industry dynamics so they understand how helping a HCM might be different than other organizations.

HCM Defender Objectives

• To develop a comprehensive list of trusted vendors with preferred pricing for various aspects of cybersecurity
• To train vendors on the HCM industry dynamics so they are knowledgeable about how to be most helpful when needed

One of the important defenses for cyber events is to have effective policies and procedures in place to lower risk. HCM Defender will maintain an evolving knowledge base of security governance documents so that members can be on the leading edge of cybersecurity governance.

HCM Defender Objectives

• To build and maintain an excellent library of documentation that can be used by the HCM industry to implement cybersecurity governance
• To provide advisors who can explain the need to implement the governance methods to members

The HCM industry has thrived partly because members are often willing to help other members. Cybersecurity events and defensive methods are not topic that are well broadcasted. However, members are often willing to share with their peers in the industry when needed. HCM Defender can be a resource to help members know other industry peers who can provide valuable experience.

HCM Defender Objectives

• To provide a clearinghouse for peer advice on topics such as network defense or incident response