Back to Blog
9 Mar 2021

What is a Human Firewall and how can you build one?

For a long time cyber security was assumed to be an IT issue, but in today’s modern threat landscape, this couldn’t be further from the truth. Cyber security covers more than just technological solutions, it’s also about human defences. Humans can be unpredictable, and stress factors easily effect judgement.

And that’s why cyber security isn’t just an IT issue, it’s a business wide problem and a responsibility for all employees. They need to be aware of the threats, and the devasting consequences of falling for the trap. A staggering 97% wouldn’t be able to recognise a phishing email.

This brings us onto the need to build a Human Firewall.


What is a Human Firewall?

We know what a ‘normal’ firewall is, it acts as the first line of defence to block outside threats and create a barrier between secured and controlled networks.

A Human Firewall follows a similar concept – using humans (your workforce), as the barrier between cyber criminals and your infrastructure. It focuses on the understanding and alertness of employees, and how they can make smarter security decisions.

Humans are the weakest links, so they need to be educated.


How can I build a Human Firewall?

1. Start forming a security culture

The more employees you have onboard, the stronger your firewall gets. But it’s worth noting that employees need to be taught the ‘why’ before you teach them the ‘how’. So for step one, get them personally invested in security.

If employees aren’t aware of why it’s important, the chances are they won’t be as invested to learn the threats and how to prevent them. But, if they’re conscious of the enormous impacts a breach can bring, they’ll more than likely be willing to actively participate and be a part of the security culture.

2. Build awareness and knowledge

When planning your security awareness training, schedule regular training sessions for your employees, and not just a one-time event. Threats are constantly evolving, and as they evolve, employees also need to be kept in the loop.

KnowBe4 conducted a Phishing by Industry Benchmarking study where they found that regular, on-going training produced better results opposed to one-off training days. It takes 21 days to form a habit, so use the same principle and apply it to security training. The more your employees hear about the importance of security awareness, and what they can do to combat threats, the stronger your firewall gets, and you’ll start to notice behavioural changes.

3. Test your employees

Education is an important part of security awareness training, but you also need to know if your employees are soaking up this information and put it to the test! Consider a security awareness training provider that offers simulated phishing tests. This way IT departments can track how employees respond. If employees do happen to fail these tests, they can then be guided further on how to detect and react to future emails.

4. Incentives

Reward your employees for successfully committing to training and passing security tests. If employees are given something in return for the expected behaviour, they’re more likely to stay committed to the training and be a part of the security culture.

The ‘new normal’ is here to stay, and cyber criminals will continue to use the current situation as an opportunity to target employees. Your business needs to be protected, and the best defence against it is by turning your workforce into a cyber threat shield.


Learn more in our on-demand webinar about the human firewall and find out how you can turn your weakest links, into your biggest assets. Hear from our experts speakers, Carl Henriksen, CEO of OryxAlign and Javvad Malik, Security Advocate at Knowbe4.


Here’s what you can expect:

- The latest cyber security risks and trends

- The concept of a human firewall

- How to easily build your own Security Awareness Training Program

- Expert tips and advice from our speakers



If you’re looking to find out more information, or learn how you can build a security awareness training program for your employees, get in touch with our cyber security team today.

Or, you can skip straight to booking a demo and we’ll walk you through a live one-to-one run through of the KnowBe4 platform and it’s features.


By OryxAlign

Back to Blog