On the concept of a human firewall

rakhirhif8963 · Post by **rakhirhif8963** » Thu Feb 06, 2025 4:03 am

Human Firewall: Corporate Security Becomes Personal
06.03.2024
Instead of focusing on technology, threats, or site security, a human firewall aims to make the end user a full participant in enterprise security, reports Network Computing.

Security professionals often use the adage “a chain is only as strong as its weakest link” as the basis for their approach to protecting networks, corporate data, and enterprise IT resources. And in many cases, the weakest link that worries them most is the end user. This, in turn, brings to mind the concept of the human firewall.

Focusing on the user is even more important in today's work-from-anywhere world. Simply put, the new boundary of the network is the end user themselves. Therefore, this is where the firewall should be used.

But there is a broader concept at play here: a firewall is not simply a software application or a physical device that serves as a demarcation point between the corporate structure and the rest of the world. Instead, a human approach to the firewall aims to provide each end user with a combination of tools, threat awareness, and cayman islands mobile database best practices, and to instill in them an understanding of the importance of their role in securing the enterprise.

The idea of using a human firewall strategy to secure an enterprise has been around for years. While the end user has always been an important aspect of any security effort, 2021 and 2022 seem to be the tipping point, with the need for a human firewall coming to the forefront.

Research conducted during this period by the World Economic Forum , IBM, and Cybint found that 90 to 95 percent of breaches were caused by human error. A joint study conducted around the same time by Stanford and Tessian found that human error was responsible for 88 percent of data breach incidents.

Soon after, KPMG began educating its clients about the human firewall as a way to ensure secure behavior and remove the human element from cybersecurity. It defined a human firewall as “people who follow best practices to prevent and report any data breaches or suspicious activity.”

Just recently (February), Metomic, a company specializing in protecting sensitive data in SaaS applications, introduced a set of human firewall features for the SaaS versions of Google, Slack, and MS Teams. The new features perform several security enhancement tasks, while shifting some of the burden from IT and security departments to the users themselves.