Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats //

Vulnerability Management

02:00 PM
Debby Briggs
Debby Briggs
Connect Directly
E-Mail vvv

Smart Prevention: How Every Enterprise Can Create Human Firewalls

Organizations of all sizes should include both human firewalls and virtual tools in their cybersecurity budgets.

The average cost of a data breach is now $3.92 million, according to IBM and Ponemon. Hackers are taking advantage of the many smart and Internet of Things devices in modern offices, which give them more attack vectors to penetrate networks.

But enterprises are fighting back by training employees to become human firewalls who can secure online resources and act as an added line of defense against phishing attacks. Companies should use technologies such as machine learning and artificial intelligence (AI) to safeguard digital assets further. Combining people and technology is the best way to keep networks and their data safe.

Too Many People and Devices to Protect
There will be more that 20 billion internet-connected devices worldwide by 2020, and that number is growing daily. Many people also employ their smartphones, tablets, and laptops in both personal and professional settings. That may be more convenient, but it heightens the risk of human error because users no longer have a network edge to protect them.

An employee reading personal email on a corporate device bypasses the protections in place. An executive who falls victim to cybercrime on a personal device can similarly endanger the office network.

Phishing scams, which account for more than 90% of these hacks, are disguised in seemingly innocuous messages like banking alerts, travel offers, or (especially during the holiday season) shopping deals. They play on peoples' emotions: An excited or scared user clicks on the link and inputs personal information without asking too many questions.

These attacks are a constant presence in the media, so it might seem surprising that people still fall for them. In recent years, laws like Europe's General Data Protection Regulation and the California Consumer Privacy Act have also highlighted the importance of data privacy.

Users alone aren't at fault, however. Many enterprises don't put time or money into educating personnel on hacking risks. But a properly prepared workforce can be a human firewall that prevents attacks before they begin, so companies must put online safety at the forefront.

Creating a Human Firewall
Everyone from entry-level to C-suite should know how to identify and report breaches so they can defend the enterprise. Training is the most crucial step in this process, and it doesn't need to include rote messages and endless PowerPoint slides. Learning sessions can be humorous, fun, and — most importantly — educational.

One best practice is having the corporate IT department send a simulated phishing email to all employees. Administrators can include a fraudulent offer for a free vacation or other amenity to see which employees recognize the trick. They should then follow up with anyone who clicked the link or opened the attachment to educate them on the dangers of this practice.

Leaders must conduct this instruction in a way that's informative but not heavy-handed. Everyone in the enterprise is on the front lines of this fight, so those with more experience need to help their less-seasoned colleagues rather than shame them.

Once employees know the warning signs, they'll stop falling for hacker schemes. More importantly, they'll start reporting suspicious phishing emails so the IT department can investigate them and keep the company informed about new scams. In this way, the human firewall achieves its real purpose.

The best part is that enterprises don't have to do this work alone. Technology can be an invaluable partner in these initiatives when used correctly.

How Virtual Tools Can Help
Even the best human firewall can't protect and secure a network all on its own. Indeed, 61% of enterprises say they need technologies like AI and machine learning to help detect data breaches. Large companies should use these methods to augment existing processes, thwart attacks, and strengthen security.

Machine learning and AI algorithms study network traffic patterns, email subject lines, and body text. They then compare these elements to a pre-existing bank of malicious content to protect sensitive data and detect threats faster.

If a breach occurs, these technologies can also respond quickly to reduce dwell time. That saves enterprises from client churn, hefty fines, and negative publicity. Companies that put in the effort to develop a robust AI or machine learning interface have more protection against online attacks.

Organizations of all sizes should include both human firewalls and virtual tools in their cybersecurity budgets. Business leaders also need to evolve training programs frequently and update their software as new digital dangers emerge. These critical investments in people and technology help protect companies from risk and strengthen emergency response plans.

Cybercriminals never stop attacking networks, so organizations should never stop defending them. Every business needs to educate its staffers about online security, so they become human firewalls. Industry leaders can also keep enterprise systems safe with state-of-the-art digital resources like AI and machine learning. When human ingenuity and smart technology come together, the whole company benefits.

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: ""How to Build a Rock Solid Culture"


Debby Briggs has more than 20 years of experience in cybersecurity and has been with NETSCOUT for the last 15 years. Prior to joining NETSCOUT, Debby held various network administrator and IT infrastructure roles with leading companies, including RSA, Healthsource, and GTE. ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-20
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.
PUBLISHED: 2021-04-20
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to us...
PUBLISHED: 2021-04-20
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS conf...
PUBLISHED: 2021-04-20
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions...
PUBLISHED: 2021-04-19
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The hi...