Caroline Butler

November 7, 2023

How would I balance the tradeoff of training and additional cybersecurity technology?

As the Chief Information Security Officer, I believe that our limited funds should go towards additional training policies that can help our employees. Enacting additional training policies can help ensure that our employees have the necessary skills to combat any potential cyber attacks. Although we can use our limited budget to purchase cybersecurity technology, I believe that it will be better to use our limited funds to purchase additional training measures to help ensure our employees are equipped with the necessary skills to combat any suspicious activity or potential infiltration of our information technology systems. We could have the most latest computer models in our organization, but it will not matter because our employees do not have necessary training skills to combat cyber attacks in our company. After examining all of the different training methods and policies we can utilize, I believe that we should implement Human Firewall Policies and our employees should possess Human Firewall Traits as well.

What are Human Firewall Policies and Human Firewall Traits?

I believe implementing Human Firewall Policies will show great promise for our employees to utilize. Human Firewall Policies provide awareness about clicking on suspicious links, downloading sketchy software, how to recognize phishing scams, and how to store our company passwords safely. According to Ascendant, “An example of a human firewall is basic employee training on cybersecurity best practices. A human firewall requires that companies can provide their staff with training on how to store passwords safely, protect personal devices from malware, recognize phishing scams, avoid clicking suspicious links or downloading unknown software, and more.”  (Cyber Security gaps: The Human Firewall: Ascendant, 2023). By providing the necessary Human Firewall Policies, our employees will be equipped with the policies to help look out for any suspicious activity, as well as allow our employees to input their personal information safely. Not only should our employees utilize the Human Firewall Policies, our employees should also possess Human Firewall Traits. An individual possesses five Human Firewall Traits to help prevent future cybersecurity debacles. The first Human Firewall trait that an individual demonstrates is entitled thinking before clicking. (Kober, 2022). The Human Firewall trait thinking before clicking entails that an individual should think before clicking on anything on the internet, such as reading emails carefully to ensure that the email’s components are legitimate, hovering over links to ensure that the URL leads the individual to a well-known website, and ensure that an organization’s data is accurate. According to Kober, “A human firewall reads emails carefully, hovers over links to display the full URL, and treats all requests for sensitive data with skepticism.” (Kober, 2022). The second Human Firewall trait that an individual demonstrates is entitled Using situational awareness. (Kober, 2022). The Human Firewall trait Using situational awareness entails that an individual should use caution when accessing sensitive information from other organizations. (Kober, 2022). The third Human Firewall trait that an individual demonstrates is entitled Respecting privileged access. (Kober, 2022). The Human Firewall trait Respecting privileged access entails that an individual should create strong passwords for their accounts and devices. (Kober, 2022). The fourth Human Firewall trait that an individual demonstrates is entitled Reporting incidents immediately. (Kober, 2022). The Human Firewall trait Reporting incidents immediately entails that no matter the magnitude of the incident, it is imperative that employees should report the incident as soon as possible. According to Kober, “It doesn’t matter how big or small the incident seems. A secure door left open, an unknown individual hanging around the office, a phishing email, a smart device or computer malfunctioning — your organization relies on strong human firewalls like you, to report these types of incidents as soon as possible.” (Kober, 2022). The final Human Firewall trait that an individual demonstrates is entitled Always following policy. (Kober, 2022). The Human Firewall trait Always following policy entails if an individual fails to follow the necessary Human Firewall Policies, it can result in data breaches and other harmful security incidents. According to Kober, “Failure to follow policy could lead to data breaches, ransomware attacks, or other damaging security incidents.” (Kober, 2022). Enacting Human Firewall policies and demonstrating Human Firewall Traits will help ensure that our employees will combat future cyber attacks and employees will be equipped with traits that will be useful in navigating the internet. 

Conclusion

In conclusion, utilizing our limited funds for enacting Human Firewall Policies will be beneficial for our company employees. Enacting Human Firewall policies can also result in a change of our employees exhibiting Human Firewall Traits. If our employees are not familiar with the Human Firewall Policies, then it would not be prudent to spend our limited budget on additional cybersecurity technology. Human Firewall Policies provide awareness about the results of clicking on suspicious links, recognizing phishing scams, and downloading sketchy software. Once our employees are familiar with the Human Firewall policies, our employees may start to exhibit the five Human Firewall Traits. These five Human Firewall Traits consist of Thinking Before Clicking, being careful when accessing data from other organizations, constructing strong passwords, reporting incidents, no matter the severity, and always following necessary Human Firewall Policies. By spending our money on additional training policies, our employees will always know what to do in the event of a cyber attack. 

References

Cyber Security gaps: The Human Firewall: Ascendant. Ascendant Technologies, Inc. (2023, February 11). https://ascendantusa.com/2023/02/11/human-firewall/#:~:text=Examples%20Of%20Acting%20As%20A%20Human%20Firewall,-Employee%20Cybersecurity%20Training&text=A%20human%20firewall%20requires%20that,downloading%20unknown%20software%2C%20and%20more. 

Kober, M. (2022, August 16). Security awareness: 5 traits to become a human firewall. Connections. https://blog.hawaiiantel.com/connections/blogform-security-awareness-5-traits-to-become-a-human-firewall