Cyber Summer - Hardware

Users

What is a “human firewall” and how does it protect my business?

Introduction.

In the Hardware section of Cyber Summer we discussed the vital role that your firewall has in protecting your businesses.  It basically monitors traffic and makes decisions about what to allow and what not to allow. And so do your users.  Every single click has the potential to unleash a cyber attack so, alongside the appropriate security software, it is important to ensure the people within your business are able to do their bit to keep your business safe.

The concept of the human firewall is that by taking the same approach with your team members as you would with your security software and keeping them fully up-to-date with the latest threats, how they work, and how to spot them, you bolster your business security in one of it’s most vulnerable areas.

So let’s take a closer look at how to get started building your human firewall.

Why do I need to build a human firewall?

“I’ve already got an expensive firewall and strong antivirus software on every device. Isn’t that enough?”

Great! You’ve taken the first and best step towards being more cyber secure as an organisation.  You should never rely on a human firewall alone. The right cyber security approach will protect you against the majority of hacking attempts.

However, it’s precisely because cyber security software is so good that a human firewall approach is needed.  Attackers are shifting their focus to social engineering attacks precisely because, increasingly, is easier for them to con a person into deploying your virus from within an organisation than trying to hack into it themselves.

According to ICO data, 45% of breaches in 2019 were from phishing attacks, where the human, rather than the device, is the focus of the attack.

The fact is that if your users are in the dark about what common cyber security threats look like, then your business is vulnerable to some of the most common forms of cyber-attack.

How do I build a human firewall?

At the most basic level, “human firewall” is just a catchy phrase for a structured and ongoing education of employees about the cyber security threat environment.

This can be done yourself internally, by bringing external experts into the company, or through a dedicated service such as our own Security Awareness Training platform.

    We can help:

    Use Security Awareness Training alongside Total Email Protection for a complete phishing protection solution.

    > Learn More.

    However you choose to do it though, the most important thing is that you keep it going. Just like your hardware firewall, if you don’t manage it properly and let the updates slip, it quickly becomes less effective.

    The InfoSec Institute identifies 7 elements required for a successful human firewall approach:

    1. Make it easy

    Don’t overwhelm people with too much information at once. Make adoption easier by strengthening a few weaknesses at a time.

    2. Keep education ongoing

    Ad hoc or a few times a year is simple not enough for such an evolving threat landscape. Human firewall education should be structured and continuous, including updates about new threats arise.

    3. Give incentives

    Encouraging participation in the human firewall can be as simple as giving each member special recognition for doing things like catching phishing emails. Studies indicate that public attribution and validation were strong motivating factors in participation.

    4. Include all departments

    People shouldn’t feel intimidated or that they aren’t tech-savvy enough to be a part of the human firewall. In fact, it’s essential everyone is encouraged to join. Attacks can be targeted at anyone, from your entry level positions to your highest level executive

    5. Keep it human

    Those that participate should do their best to help others with cybersecurity concerns, thereby helping change culture and behaviour. Avoid treating people like cogs in a machine.

    6. Monitor vigilance

    Use phishing simulation programs (such as the one included in our Security Awareness Training offering) to send phony emails to unsuspecting employees and see if any links are clicked.  This provides an excellent benchmark for how your business is performing.

    7. Always be evolving

    The human firewall should be on constant alert for new threats, reporting any suspicious activity. As their tactics change, so must the team incorporate new best practices into their system.

      We can help:

      Why not build our free TechBytes and Techsplained videos into an ongoing training plan?

      > Free Videos.

      I now understand…

      • What a human firewall is.
      • How a human firewall approach can help protect my business.

      Request for your
      Cyber Summmer FREEBIES

      By clicking "submit", you agree to One2Call’s Terms of Use as detailed in their Privacy Policy (www.one2call.net/privacy). You consent to receive emails, phone calls and/or SMS messages from One2Call in relation to your enquiry or order, and for marketing purposes upon opt in. Message frequency depends on your activity. You may opt-out by texting "STOP" to any SMS sent from One2Call or by clicking “Unsubscribe” on any marketing email sent by One2Call. Message and data rates may apply for any SMS sent.

      Contact Us

      By clicking "submit", you agree to One2Call’s Terms of Use as detailed in their Privacy Policy (www.one2call.net/privacy). You consent to receive emails, phone calls and/or SMS messages from One2Call in relation to your enquiry or order, and for marketing purposes upon opt in. Message frequency depends on your activity. You may opt-out by texting "STOP" to any SMS sent from One2Call or by clicking “Unsubscribe” on any marketing email sent by One2Call. Message and data rates may apply for any SMS sent.

      Testimonials

      Natasha, W Academy

      Friendly staff who are very helpful.

      Daniel, Motorfinity

      Our move and installation of new IT infrastructure and phone systems couldn’t have been any smoother. The advice we had and technical guidance and support meant we felt totally at ease. Would definitely recommend One2call!

      Mick, MS International

      Easy to get hold of and down to earth.