
Why there’s been an increase in HR cyber incidents

By Carlos Tse | 6 minute read

Gartner has released findings showing that HR cyber incidents resulting from the use of AI have become “more common and harmful”.

Senior principal analyst at Gartner, Emi Chiba, said: “With organisations opting for more automation within their HR systems to contain HR costs, cyber resilience and protection of sensitive personal data across the entire talent life cycle must become foundational priorities.”

Bolstering security in HR automation

“Many CHROs do not have strong digital awareness and are struggling to lead and influence AI and digital transformation,” she said.

Gartner said chief human resources officers (CHROs) should “view technology not just as an enabler but embed it into their strategy and execution”.

“This requires CHROs to strengthen their digital and cyber fluency, engage proactively with IT leaders, and embed security considerations into every phase of HR technology planning to safeguard talent and organisational reputation,” Gartner said.

Chiba said: “CHROs often take more of a passive role in making technology investment decisions; however, when data breaches occur, there are massive implications on talent, including the risk to the employment brand and IP theft.”

Collaboration for proactive auditing

In May 2025, Gartner conducted a survey of 300 cyber security leaders, which found: “Only 43 per cent of organisations conduct regular audits and reviews of public generative AI tools to ensure compliance with cybersecurity policies, leaving many vulnerable to breaches.”

The HR practice suggested that CHROs “work with IT, cyber security, and vendor management leaders to build security into their organisation’s systems and monitor them regularly … to adopt security architecture practices”.

This may include defining the needs of the business with these specialists and reviewing the product security capabilities currently in place.

Third-party risk management is crucial

It advised that CHROs partner not only with IT professionals but also with procurement and legal specialists “to assess vendor security postures, review audit reports, and ensure that data-handling practices meet enterprise standards”.

Gartner stressed the active role CHROs must play “in establishing and operationalising ongoing third-party risk management.”

Chiba said: “Security incidents, such as a candidate data breach, underscore the importance of a strong partnership between IT and HR when outsourcing HR tasks to a third-party vendor.”

Culture and security go hand in hand

“While security reviews can often feel like a barrier to speed, they need to be viewed as an essential checkpoint,” Gartner noted.

The HR practice proposed that deeper issues within the organisation, beyond merely “weak technical controls”, are a factor that may lead to a data breach.

Organisations that view raising security flags as a hindrance need to rethink their approach, it said.

“CHROs need to foster a culture where raising security flags and taking the time to slow down and assess risks is encouraged and not seen as a bottleneck,” Gartner said.

It recommended: “A key factor in fostering this culture is creating psychological safety amongst employees; employees who feel psychologically safe are more capable of communicating candidly about anticipated issues and solving problems creatively.”