How HR Leaders Can Support Cybersecurity in a Ransomware World
Less than two weeks before Christmas, a cybersecurity disaster struck users of UKG’s Kronos Private Cloud services. A ransomware attack left systems like UKG Workforce Central, UKG TeleStaff, Healthcare Extensions and Banking Scheduling Solutions crippled.
These solutions serve both public and private sector employees, with high concentrations in public safety, healthcare and financial services. Companies affected by the cybersecurity breach were mostly using the Kronos applications for time tracking, scheduling and payroll purposes. For healthcare talent leaders in particular, it was a lump of coal in their stocking after a particularly brutal year.
The shake-up led to companies following a variety of contingency plans, including manual time tracking and scheduling and using new payroll systems. Some companies with Christmas payrolls imminently due made the choice to average employee pay and make any corrections once the system is restored.
At the time of this writing, UKG is slowly getting services restored, and the company's leaders remain forthcoming about the status of the restoration. It’s still unclear whether the ransomware attack had anything to do with the Log4J security vulnerability, but UKG isn’t some new company with relaxed cybersecurity procedures.
Until there’s more information, it seems wise to assume that what happened to Kronos Private Cloud isn’t just a cybersecurity failure at UKG. Any zero-day vulnerability could wreak similar havoc in any significant cloud environment it affected.
Cybersecurity Contingency Plans
Those using systems unaffected by the attack may be breathing a sigh of relief. I know I would. But it can’t stop there.
Companies need to take a look at all of their current critical people systems and revisit their contingency planning. Are they up to date? Do they cover all critical systems? Does everyone know where to find the information on those contingency plans? How hardened are the plans for different outage scenarios? For example, what is the contingency for a service outage with one particular solution versus a disaster outage with no internet access at all?
Unfortunately, many organizations affected by the ransomware outage had not done clear contingency planning. An outage of this significance means more work for everyone, but not having a plan adds stress and uncertainty on top of that work.
Some organizations, for instance, may use a third-party payroll provider for these services, but it is still the organization’s responsibility to pay its people. That means that for some systems, there is a legal obligation to be better prepared. Best-faith efforts can make a significant difference in times of crisis.
Teaming Up for a Cybersecurity Solution
Even the best contingency plan won't prevent future cybersecurity incidents. Cybersecurity today isn't about preventing attacks but about how quickly the company can identify a breach, respond and restore services. It's about resiliency.
As cloud solutions have become the norm in the digital workplace, engaging a CIO, CISO or other IT expert on a company's cyber resilience is no longer seen as the foundational step for HR leaders that it once was. But for those who haven't been closely involved in recent deployments, now may be a good time to revisit the landscape and measure potential risk against the systems they have in place today.
Most enterprise HR leaders use dozens of solutions on a day-to-day basis. Prioritization is key to making the best use of time for both HR and IT. One HR leader told me his company only looks at systems that house critical employee and dependent personal information or systems that could lead to severe business disruption. This enabled them to skip the evaluation of their third-party people analytics tool because of its limited ability to pull personally identifiable information. While a hack of that system wouldn’t be great, the risk would be more limited than, say, a payroll system.
IT leaders will also be keen on a solution provider’s own contingencies. Do they have failover systems? What sort of backup cadence do they have, and what’s the timing for getting systems patched and up again after a disruption? A seasoned CISO, CIO, IT leader or other experienced security professional will be able to dive into those challenges.
Act Soon, But Don’t Panic Buy
If anything, the UKG ransomware attack has given everyone the talking points needed to prioritize critical areas in 2022. So, unless a company is in the midst of an actual business disruption, there’s no need to go out and grab the first solution available.
Instead, working with a broad team of IT, HR and operations leaders will help ensure that any new solution selected will take care of both business and people needs, while also being secure. This can also be a great opportunity to update neglected, outdated systems that aren’t meeting the needs of the business anyway.
With the shift in the workforce to more hybrid and remote environments, threat vectors have increased (or at least changed). The changes brought on through the pandemic have given HR and IT the opportunity to work together and create the next generation of solutions for their workforce.
But none of that matters if critical information is compromised or key systems are down for weeks. The time to collaborate and work to secure and upgrade solutions is now. There might not be another opportunity like this for years.
About the Author
Lance Haun is a leadership and technology columnist for Reworked. He has spent nearly 20 years researching and writing about HR, work and technology.