The core of KPMG and vendors' efforts to create a human firewall is to continually remind end users of their role in securing the enterprise and provide them with supporting information and tools. The challenge is to do this in a way that captures each user's attention without overwhelming them or disrupting their work.
Informa, for example, runs a Cyber Ambassador program. “The program’s goals are to move towards making security everyone’s responsibility, not just the IT department and security team, and to increase the awareness and education of colleagues in the field of cybersecurity,” says Richard Walker, Informa’s manager of information security culture and awareness.
The program consists of volunteer ambassadors undergoing special training and receiving information about new threats and other security issues affecting the company. They then convey the company's key ideas in the field of cybersecurity to colleagues in their departments.
In one case, they were told about a method used by thieves to steal iPhones by knowing the user ID. In many cases, the thieves immediately change the user's iCloud, bank account, and online store credentials. Once the credentials are changed, the real owner of these accounts has no way to regain access to them.
They were then told how to change certain iPhone settings to protect those accounts, even if a thief opened the phone with the correct credentials. Apple has since addressed the issue. But before that happened, each ambassador passed on the information about the new threat and how to fix it to their colleagues.
Conclusion
Technologies like broadband, 5G, SASE, Wi-Fi 6 (and soon Wi-Fi 7) have empowered enterprise users to work from anywhere. The downside of this freedom is that every user is now an access point for malicious activity and data leaks. This makes it much harder for enterprise IT and security teams to do their jobs.
That’s why the human firewall is so important. This approach aims to make the end user an equal participant in the enterprise’s security. In addition to traditional measures such as mandatory cybersecurity training and the use of cybersecurity software, organizations that employ a human firewall strategy provide the necessary resources and information to make every end user part of the enterprise’s overall security program.
Engaging users in ensuring security