The Human Firewall — a First Line of Defense

By August 4, 2023LTEN Focus On Training

 

Technology – By Susan Robbins

Training strengthens the human element of cybersecurity

Cybercrime costs victims more than $6 trillion annually, and that cost is expected to grow to more than $10 trillion by 2025. Corporations invest millions of dollars in technology to protect against these financial losses and the associated damage to their reputations, but there is a human element to data security that is at least as important.

Even with the most up-to-date security software and technology, organizations cannot guarantee that employees will not click on a malicious link or respond to a text sent by a bad actor. With employees often representing the weakest link in any security effort, the human firewall is an essential first line of defense against the theft of sensitive information or efforts to compromise your organization’s network.

Trained Responses

Most people think of firewalls as hardware or software that protects networks and devices from unauthorized access and cyberattacks. A human firewall represents the behavior of personnel within an organization that helps to prevent cyberattacks. People who are adequately trained against these threats become an effective extension of the organization’s security protection mechanisms.

How can you determine if your team is providing that additional layer of protection for your organization? Look for and encourage the following actions or behaviors:

  • Identify suspicious or unusual emails to the IT department or other responsible individual.
  • Don’t open emails or click on links from unknown senders.
  • To raise awareness, discuss the latest gift card scam texts circulating.
  • Ask “Did you really send me this email?” before opening or responding.
  • Be aware and avoid connecting to untrusted wireless networks.
  • Think critically and question the authenticity of information, emails and websites.
  • Create and maintain strong and unique passwords that are protected and not shared.
  • Update passwords regularly.
  • Use multifactor authentication for all accounts that contain sensitive information.

Provide your human firewall with up-to-date information about new cyberattack techniques and their consequences, empowering them to protect the company and themselves. It’s important to be realistic and understand that these changes won’t happen overnight. But if you are diligent, these behaviors will become your new normal.

Time and Persistence

Regular training is critical to any cybersecurity effort, because cybercriminals are constantly coming up with new ways to scam individuals and companies. But there are some ingrained habits that can make this transition difficult.

Human beings in the digital age seem hardwired to reply, click links and open attachments, especially when they appear to come from a manager, co-worker, customer or industry contact. And while this fire-ready-aim approach may demonstrate a commitment to customer service and engagement, it also opens the door to bad actors.

Some options include:

  • Multi-module security awareness training every two months to all employees and deploy phishing campaigns monthly on a random basis.
  • Test employees for their phishing response three times per year. Share results as percentages, and if an employee fails one or more phishing campaign, follow up with remediation.
  • Provide employees with a submit email button on their Outlook toolbars tohelp them report suspected phishing with a single click.

Get Creative to Grab Attention

Getting employees to take cybersecurity seriously can be a challenge. Some may respond to statistics, while others find them too abstract.

Meanwhile, straightforward instruction may seem too simplistic when many employees think cybercrime is a problem primarily for the older population. The reality, however, is that people in their 30s are targeted most often by cybercriminals, and 18- to 24-year-olds are considered the most vulnerable to attacks despite their perceived higher level of digital literacy.

One option for making this instruction stick? Start with humor. Research has shown that humor and visuals aid memory retention, and a recipe light on stats, grounded in how-to and leavened with a healthy dose of situational humor works.

Conclusion

Organizations can and should invest in technology to guard against cybercrime, but no effort is complete without considering the human aspect of data security. By taking the time to train employees to identify and report security risks, organizations can build a human firewall that should stand against all manner of attacks.

Susan Robbins is director of training for HeartcoR Solutions. Email Susan at srobbins@heartcorsolutions.com.

 

LTEN

About LTEN

The Life Sciences Trainers & Educators Network (www.L-TEN.org) is the only global 501(c)(3) nonprofit organization specializing in meeting the needs of life sciences learning professionals. LTEN shares the knowledge of industry leaders, provides insight into new technologies, offers innovative solutions and communities of practice that grow careers and organizational capabilities. Founded in 1971, LTEN has grown to more than 3,200 individual members who work in pharmaceutical, biotech, medical device and diagnostic companies, and industry partners who support the life sciences training departments.

Recommended For You

LTEN Focus On Training

Three Ways to Make Your Virtual Class More Accessible

LTEN
LTENApril 8, 2024
LTEN Focus On Training

Immersive Learning: Engaging Virtual Environments

LTEN
LTENApril 8, 2024
LTEN Focus On Training

Customer-Centric Approaches to Market Access Messaging

LTEN
LTENApril 8, 2024

Leave a Reply

  • Join
  • Login
  • Contact
  • Generic selectors
    Exact matches only
    Search in title
    Search in content
    Post Type Selectors
    Search in posts
    Search in pages
    Filter by Categories
    LTEN Bonus Focus
    LTEN Focus On Training
    LTEN Learning Executive Series
    Member News
    NEW from LTEN