How to create your own Human Firewall
Phished helps you build your own Human Firewall, but what does that mean, and why is it important?
The world of technology is not standing still. On the one hand it provides us with many good things: applications that make our lives easier, or let us live longer and healthier. On the other hand, it means that we are confronted daily with new ways to make our lives a little easier. Hackers evolve along with us.
From a technical mindset to a human one
For years, almost all corporate efforts for a good cybersecurity strategy went to the technical means. They reached such a high efficiency that cybercriminals had to look elsewhere for their salvation: in the human factor.
Today, over 90% of all cyber attacks start with a human error. An employee unintentionally clicks on a phishing link, after which ransomware takes over the company. It happens more often than you might suspect. Therefore, there is an urgent need to realise that an investment in the Human Firewall is just as necessary as an investment in technical infrastructure.
Evolution in training
The traditional cybersecurity awareness training no longer meets the requirements to build a Human Firewall. Some basic ingredients are missing: regular training and activating employees so they feel committed to the cybersecurity policy of their company.
Too often, organisations rely on sporadic training that takes place twice a year at most. A regular, short-lived impulse is needed to keep people alert. At Phished, we recommend leaving no more than 15 days between training sessions.
Activation as teambuilding
By activating employees, an organisation will ultimately be much more secure: if people feel involved, a certain sense of honour comes into play. They will absolutely want to prevent 'their' company or colleagues from being hit by a cyber attack. Such activation does not have to be time-consuming: a regular test by AI-driven phishing simulations can be enough to create a 'us-against-the-system' feeling.
People perform better when they feel they are making a contribution that helps the company achieve a goal. Regular training ensures that employees are aware of potential cyber dangers. When they encounter a real threat, they feel validation in discovering and puncturing the trap.
The importance of the Human Firewall
In addition to preventing cyber attacks, a well-functioning Human Firewall has a second benefit: if an employee does fall into the trap, they immediately know what to do. No one is infallible and accidents can happen, but not knowing what to do when problems arise risks making the situation worse.
If an employee has been properly trained, he will immediately take the necessary steps to avoid unnecessary loss of money, data and reputation. There will still be consequences, but they can be managed better if everyone knows their role in a crisis scenario.
Prevention and cure
'Prevention is better than cure': it is good advice, but in a rapidly changing world it is impossible to be prepared for everything. Those who have been properly trained will be able to unmask almost all possible cyber threats, but they will also know what to do in case of a successful cyber attack.
The Human Firewall goes a lot further than cyber awareness training, because it activates and motivates people to be involved in the company's cyber security strategy. This way, you help prevent problems, and cure them if necessary.