New research reveals HR industry highly vulnerable to cyber-attacks

A new research report from IT services provider OGL Computer – The State of Technology at UK SMEs – reveals that SMEs operating in the HR and recruitment sector are among one of the leading industry verticals suffering from multiple cyber-attacks.

Alongside SMEs in healthcare, IT & telecoms and legal industries, HR and recruitment SMEs top the list of those suffering multiple attacks. Within the HR and recruitment sector 62% of respondents had suffered 2 or more breaches, while 37% had suffered 3 or 4 breaches.

The reasons are clear. Payroll fraud, recruitment scams, corporate espionage – cyber-attackers have found numerous routes into organisations via HR. Any identifiable information is valuable to criminals, and payroll and other HR systems are a treasure trove of names, addresses and bank details. If this is compromised, not only can it affect individual employees, it also gives attackers more ammunition with which to increase the likelihood of a successful attack on other parts of the business.

Additionally, recruitment agencies are prime targets for malware. If hit by a data breach, employment agreements and sensitive documents such as passport scans and visa details are all left exposed.

The report also highlights newer technologies such as 5G and robotics that HR SMEs plan to adopt, how SMEs are using technology to power remote workforces and what technologies they are adopting for growth.

Cyber security features heavily in the report with respondents revealing attack frequency, cyber strategy status and employee training to combat hackers.

The top six verticals where respondents had more than one breach, by vertical:

Sector 2 breaches 3-4 breaches


75% 25%
IT & Telecoms 75% 24%
Legal 66% 33%
HR & Recruitment 62% 37%
Manufacturing & Utilities 57% 42%
Finance 50% 50%

One respondent said his SME suffered at least 8 attacks.

Cyber security features heavily in the report with respondents revealing attack frequency, cyber strategy status and employee training to combat hackers.

  • The vast majority of HR and recruitment sector SMEs confirmed that they were increasingly worried, with 81% more fearful of a cyber-attack or data breach
  • 81% of UK SMEs confirmed that they had suffered a data breach or cyber-attack
  • Nationally, nearly 1 in 5 (17%) IT decision-makers surveyed have no cyber strategy in place, while the HR sector respondents confirmed that they all had a strategy in place
  • 76% of the HR and recruitment sector respondents agree that they are nervous about moving from an on-premise IT infrastructure to a cloud infrastructure due to fears of data security
  • 98% of IT decision-makers in SMEs educate employees about how to identify a cyber threat, with the most popular approach being a combination of external and internal training (32%)

Colin Dennis, Head of Technical Operations, OGL Computer says:

Cyber security has been front of mind for SME customers for some time now, as awareness of cyber-risks continues to rise. Proactive management of IT requirements is in many ways connected to this trend, as businesses of all sizes look to compliance requirements as well as asset protection and disaster recovery.

%d bloggers like this: