9 Mar 2021

What is a Human Firewall and how can you build one?

Cyber security was assumed to be an IT issue for a long time, but in today’s modern threat landscape, this couldn’t be further from the truth. Cyber security covers more than technological solutions; it’s also about human defences. Humans can be unpredictable, and stress factors easily affect judgement.

And that’s why cyber security isn’t just an IT issue; it’s a business-wide problem and a responsibility for all employees. They must know the threats and the consequences of falling for the trap. A staggering 97% wouldn’t be able to recognise a phishing email.

This brings us to the need to build a Human Firewall.

What is a Human Firewall?

We know what a ‘normal’ firewall is; it acts as the first line of defence to block outside threats and create a barrier between secured and controlled networks.

A Human Firewall follows a similar concept: using humans (your workforce) as the barrier between cyber criminals and your infrastructure. It focuses on the understanding and alertness of employees and how they can make smarter security decisions.

Humans are the weakest links, so they need to be educated.

How can I build a Human Firewall?

1. Start forming a security culture

The more employees you have on board, the stronger your firewall gets. But it’s worth noting that employees must be taught the ‘why’ before you teach them the ‘how’. So, for step one, get them invested in security.

If employees aren’t aware of why it’s important, they won’t be as invested in learning about the threats and how to prevent them. But if they’re conscious of the enormous impact a breach can have, they’ll more than likely be willing to participate and actively be a part of the security culture.

2. Build awareness and knowledge

When planning your security awareness training, schedule regular training sessions for your employees, not just a one-time event. Threats are constantly evolving, and employees need to be kept in the loop as these threats grow.

KnowBe4 conducted a Phishing by Industry Benchmarking study, finding that regular, ongoing training produced better results than one-off training days. It takes 21 days to form a habit, so use the same principle and apply it to security training. The more your employees hear about the importance of security awareness and what they can do to combat threats, the stronger your firewall gets, and you’ll start to notice behavioural changes.

3. Test your employees

Education is an important part of security awareness training, but you also need to know if your employees are soaking up this information, so put it to the test! Consider a security awareness training provider that offers simulated phishing tests. This way, IT departments can track how employees respond. If employees fail these tests, they can be given further guidance on detecting and reacting to future emails.

4. Incentives

Reward your employees for successfully committing to training and passing security tests. If employees are given something in return for the expected behaviour, they’re more likely to stay committed to the training and be a part of the security culture.

The ‘new normal’ is here to stay, and cybercriminals will continue to use the current situation as an opportunity to target employees. Your business needs to be protected, and the best defence against cyber threats is turning your workforce into a cyber threat shield.


Learn more in our on-demand webinar about the human firewall and discover how to turn your weakest links into your most significant assets. Our expert speakers are Carl Henriksen, CEO of OryxAlign, and Javvad Malik, Security Advocate at KnowBe4.


Here’s what you can expect:

  • The latest cyber security risks and trends
  • The concept of a human firewall
  • How to easily build your own Security Awareness Training Program
  • Expert tips and advice from our speakers

If you want more information or want to learn how to build a security awareness training program for your employees, contact our cyber security team today.

Or, you can skip booking a demo, and we’ll walk you through a live one-to-one run-through of the KnowBe4 platform and its features.

By OryxAlign