Beefing Up Security With a Human Firewall
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Beefing Up Security With a Human Firewall

Written By
eWEEK EDITORS
eWEEK EDITORS
Nov 5, 2001
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Juan Diaz Pinales made only one demand when he signed on as information security manager of Doral Financial: that he report directly to the CEO.

While most I-managers may not make such ultimatums, Pinales said his authority has made a big difference for Dorals security infrastructure in his eight months on the job. The bank has quadrupled the number of suspicious activities reported to the government because more employees are involved in monitoring, he said.

Pinales status in his bank is an example for those who want to develop better security policies within corporations, rather than focusing only on better technology.

The Human Firewall Council, a nonprofit organization that includes members from Ernst & Young and the FBI, will promote awareness of the importance of human factors involved in information security. It will also provide programs and policies that can help make an organization successful when incorporating these factors. The HFC was introduced at last weeks Computer Security Institute conference in Washington, D.C.

Human Factors

“People is one of those topics that doesnt get nearly enough attention, but is absolutely critical to a companys security,” said Charles Cresson Wood, an independent information security consultant and HFC member.

Security responsibilities need to be woven into the fabric of an organization, Wood said. For example, if a company incorporates security policy in its codes of conduct, its training and its performance reviews, employees are more likely to take note of those policies.

Dorals employees must read a security manual and pass a test before being allowed to access the banks computer systems. “In my policy, every bank manager is my assistant security manager,” Pinales said.

Often, the problem for I-managers is convincing an organizations top executives that implementing a more widespread security policy is not going to cost them more money.

Steve Hunt, vice president and research leader of Giga Information Group and a member of the HFC, said that part of the HFCs job is convincing executives that they get much more bang for their IT buck when its spent on people, not technology.

“If you only have $1 left in your security budget, spend it on awareness,” Hunt said.
eWEEK EDITORS
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information