Building a Human Firewall: The Power of Cybersecurity Awareness Training
Keywords: Human Firewall, Cybersecurity Awareness Training, Employee Engagement, Phishing and Social Engineering, Security-Conscious Culture.
Abstract
In an era of increasing cyber threats, organizations must recognize that their first line of defence often lies not in sophisticated technology, but in the awareness and actions of their employees. Building a Human Firewall: The Power of Cybersecurity Awareness Training highlights the critical role that comprehensive training plays in safeguarding organizational assets. While security tools like firewalls and encryption are essential, human error remains one of the leading causes of security breaches, making cybersecurity awareness training indispensable. This article explores how organizations can cultivate a "human firewall" through well-structured awareness programs that educate employees on common threats like phishing, social engineering, and password security. It underscores the importance of fostering a security-conscious culture where employees are actively engaged and prepared to recognize and respond to potential cyber threats. By empowering staff with the knowledge and skills to make informed decisions, organizations can drastically reduce the risk of cyber incidents. The article also emphasizes the need for ongoing training, ensuring that employees remain vigilant and informed about the latest attack tactics. Furthermore, it covers the benefits of interactive, real-time training approaches that enhance retention and preparedness. In addition, the article discusses how leadership support and a company-wide commitment to cybersecurity awareness can drive long-term improvements in an organization’s security posture. In conclusion, building a human firewall through effective cybersecurity awareness training is essential for any organization looking to mitigate the risks of cyberattacks. By turning every employee into an active participant in the organization's security strategy, businesses can create a stronger, more resilient defence against the evolving cyber threat landscape.
License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience give appropriate credit, provide a link to the license, and indicate if changes were made; if they remix, transform, or build upon the material, they must distribute their contributions under the same license as the original.