Chapter 13. The Human Firewall: Combat Enemies by Improving Your Security-Oriented Culture

Periklis Gkolias

In cybersecurity, technical barriers alone are not enough to defend against the ever-evolving landscape of threats. We all agree that network firewalls, web application firewalls (WAFs), security information and event management (SIEM) solutions, and other related software are essential layers of protection.

But there is another crucial line of defense that often goes overlooked: the human firewall.

What do I mean by the term human firewall? I am referring to the collective awareness and security knowledge of an organization. A defense is formed when every individual actively participates in the defense strategy. It’s similar to a firewall: one open port can expose the internal network to attackers, and one individual can become the weakest link and let the bad actors through.

We create a defense when everyone understands that a single weak link can wreak havoc in an otherwise perfect creation. From the CEO to the newest intern, all are equally essential parts of the firewall.

As you add technical controls during application development, fix vulnerabilities in different places, or apply security policies across the environment, be aware that those tasks are done mainly by human beings. Understanding that human beings are a crucial part of security controls will ...

Get 97 Things Every Application Security Professional Should Know now with the O’Reilly learning platform.