Modern thinking about a comprehensive cybersecurity strategy includes a holistic approach that equally involves your users as a “human element” within your cyber defenses.
I’m guessing your cybersecurity strategy already includes a number of different software solutions that monitor, analyze, authenticate, audit, and report activity on your network and access to internal resources. But I’m glad to see more industry experts discussing the need to include users as part of the strategy to become the “human firewall”.
In the article titled “The human firewall’s role in a cybersecurity strategy”, author Jessica Groopman does a great job defining what the term means (“the line of defense people constitute to combat an organization’s security threats”), as well as offer advice on where organizations need to place their focus to have this part of a solid defense in depth security strategy be as strong as those parts using software solutions.
At the core of building a strong human firewall, Groopman advises that organizations “provide extensive education, simulation, training and relevance to workers”. In other words, Security Awareness Training and Phishing Testing.