<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=699785206826853&amp;ev=PageView&amp;noscript=1">

The Human Firewall - Your first and best line of defense

Posted by Stephen Abbey on Feb 10, 2017 9:58:00 AM

Find me on:



Cybersecurity has traditionally been confusing, complex and expensive, and it's becoming worse as we move through 2017. It's an unceasing struggle balancing cybersecurity necessities with keeping up your business's financial growth and capability to deliver service. Most businesses do not have a cyber security team or IT budget to stay on top of developing cyber threats, including Phishing attacks, Malware, and Trojans. There are few technology solutions, which will address today's most critical security troubles and then usually require full-time staff and several vendors. Corporations need to realize they are not just making an investment in cyber point system technology, but also nurturing a security-conscious office culture known as a "Human Firewall." This Human Firewall has four main parts: 1. worker education, 2. minimizing human errors, 3. getting in front of new threats and 4. monitoring the human workforce to confirm compliance. The key target of the Human Firewall is to raise the perception of staff to such an extent that workers become a solid defensive position against attempts to compromise the organization. Building a Human Firewall is much more than just providing one-off security coaching telling your users what's bad and giving them a sheet of paper.

Securable Perimeter.1 Exec Summary IMAGES.jpg

A Human Firewall tries to stop humans from being the primary vulnerability point in organizational security, by upgrading users to think safely. Education must involve each level of the organization and not just treat security coaching as a compliance based "check-box" chore.  There are contrary thoughts on security training: on one side many contend this is small or insignificant value and on the other some value.  Based entirely on real world experience in 2016 and 2017, Securable.io has discovered “just in time education” works best.  Coaching happens when an employee is exposed in real-time to a cyber threat like phishing, mal-advertising, cloud application leakage and their digital footprint with real-time corrective action.

Securable’s Perimeter Human Firewall system trains users not to click links after they have fallen for the phishing campaig.  As opposed to traditional cyber awareness training, where many wasted hours of classroom training have fallen short. Spear-phishing particularly is a risk that is tough to explain to end users, because of the nature of well-crafted e-mails and social engineering.  Again, a system like Securable Perimeter connects the dots to employees with an honest to goodness phishing or mal advertising experience.  Our platform provides the employee training on the spot and quizes the user.  Classic anti-virus sellers can't protect the business from developing threats like spear-phishing, mal advertising; it is a ‘cat and mouse’ game.

Securable Perimeter.1 Exec Summary PERIM GRAPHIC.jpg

The old-school firewall is no longer a clear line between clean and dirty networks. All workers should be taught to think like security pros, at the very least be careful enough to spend a little time reviewing suspicious activity before acting. For instance, they must treat each e-mail in their mailbox with care, and avoid clicking links that appear suspect, out of the correct context or plain unusual.

Workers should also concentrate on the URL and vet the source of the e-mail. Info.Tech departments need to implement policies that are secure but also are not so obstructive that they do not interrupt the flow of business. IT departments should be conscious of their weakness. IT groups have become targets too; they need to review policies around executive entitlements on the network, as well as their weaker controls for e-mail attachments and net skimming. Hackers and spammers exploit man's instinct by employing social engineering to gain trust and them manipulate workers into clicking on malicious links from legit sources on a web page or email.

This more modern attack strategy, known as phishing & mal-advertising, needs the user to be complicit by clicking the link which is the reason why the most guaranteed defense is training staff in real-time about the threat through an interactive system like Securable Perimeter Human Firewall. Some workers will usually click bad links; an extra defensive layer is essential to protect users who either incidentally or deliberately fail to follow coaching and steerage. Eventually, there's the issue of developing threats themselves. The character of new threats, like phishing and malware, is they consistently change and attune to the most recent safety measures. In 2016, Symantec discovered more than 430 million new unique pieces of malicious software. In comparison to 30 million different malware in 2014.

Any point system plan that is reliant on old school solutions i.e. Anything that needs on-premises hardware connected the LAN forestalls companies from getting the most benefit out of today's cloud solutions. Due to its scalability and agility, the lower price of possession and better capacity for a partnership, the cloud has become the 1st place to go when trying to find advanced technology like Securable Perimeter. With a cloud service like Securable Perimeter, a business can gain expert insights, and keep your Human Firewall fit on a daily basis.

The Human Firewall is a sensible and proactive approach to cyber security and should be companies first line of defense before any point systems considered. People are 70% of your Cybersecurity Risk a Human Firewall can reduce this risk substantially. Cyber security risks according to IBM. At the cost of less than ten percent of cyber point systems, human Firewalls are the best and the first course of action to protect your business.

Address your Human Firewall before it is too late, Don't let the cyber bad actors win.

Access one of your skill quadrant Phishing, take the test now.

Phishing Test

Topics: Infosec

Stephen Abbey

Written by Stephen Abbey