Regrettably, having cyber security products in place does not guarantee you won’t be hit by a cyberattack. Yes, cyber security products are essential, but the ‘human firewall’ is also vital. 

What is the ‘human firewall’? 

Ensuring that the people who use your business IT kit are well-versed in cyber security is essential; too often cyberattacks focus on people in order to infiltrate a business. To form a human firewall staff need to be: 

  • Trained in cyber security, understand how to maintain it and recognise when an attack is taking place 
  • Enabled to report a potential breach as soon as it occurs 

Human firewalls take different forms depending upon the size of a business, but we’d recommend that your SME includes as many team members in this as possible! 


Cyber security training needs to be a regular feature for ALL personnel within a business. Just because a staff member is not a regular computer user doesn’t mean they won’t get targeted. Hackers will use ‘social engineering’ tactics to work out who does what within a business, where they fit into the hierarchy and what their vulnerabilities are. 

Regular and good quality training will ensure staff understand their role in the cyber security of the business and how they can help prevent an attack.  


Within training programmes personnel need to be made aware of the process for reporting a potential cyber breach. Staff need to feel empowered to speak up if they fear an attack is occurring. Nipping an attack in the bud could prevent significant damage to your business.  

Cyber resilience 

As we’ve reported previously, any amount of cyber security will not necessarily prevent an attack. Making sure your business has a plan for dealing with an attack, should it occur, is vital and human action is at the heart of ensuring resilience. 

Never assume 

To conclude, don’t assume that your cyber security products are covering all bases. Your human firewall is essential. If you’re not convinced that you have one, and need advice, please ask Net Primates