{"id":302,"date":"2025-12-02T04:40:05","date_gmt":"2025-12-02T04:40:05","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/aaronhermans\/?p=302"},"modified":"2025-12-02T04:40:05","modified_gmt":"2025-12-02T04:40:05","slug":"write-up-the-human-factor-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/aaronhermans\/2025\/12\/02\/write-up-the-human-factor-in-cybersecurity\/","title":{"rendered":"Write Up &#8211; The Human Factor in Cybersecurity"},"content":{"rendered":"\n<p><strong>BLUF:<\/strong> When working with a limited budget, foundational security technology to reduce human<br>error, as well as scrutinous amounts of training need to be the top priorities. This split and<br>balanced approach to risk helps ensure that the organization is properly protected.<\/p>\n\n\n\n<p><br>If I was a CISO, I\u2019d initially begin by securing and implementing the fundamentals with<br>technology to risk the chance of human error. More specifically, I\u2019d fund identity and access<br>controls (MFA and privilege based controls), consistent patch management, and network<br>segmentation. Factoring in the limited budget, I\u2019d allocate approximately 60% towards the<br>previously mentioned technical controls due to their scale and importance. A portion of that 60%<br>would also be used for reconnaissance\/logging based technology to be alerted with errors as<br>quickly as possible.<\/p>\n\n\n\n<p><br>With the remaining 40%, I\u2019d invest it entirely in training. From role-based security training,<br>phishing simulations, and privileged user scenarios, making sure your employees are always<br>focused and aware is the key to a successful organization. Training however isn\u2019t just a check in<br>the box, it\u2019s something that needs to be implemented into a corporation\u2019s schedule to ensure all<br>employees are best prepared to do their job.<\/p>\n\n\n\n<p><br><strong>Conclusion:<\/strong> Ultimately, the best form of cybersecurity strategy is one that recognizes that<br>neither technology nor training is superior in terms of securing an organization. Through<br>intentionally segmenting and balancing resources between technical controls and proper<br>training, a proper defense posture is formed that is best prepared for any malicious activity.<br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>BLUF: When working with a limited budget, foundational security technology to reduce humanerror, as well as scrutinous amounts of training need to be the top priorities. This split andbalanced approach to risk helps ensure that the organization is properly protected. If I was a CISO, I\u2019d initially begin by securing and implementing the fundamentals withtechnology&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/aaronhermans\/2025\/12\/02\/write-up-the-human-factor-in-cybersecurity\/\">Read More<\/a><\/div>\n","protected":false},"author":31366,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/posts\/302"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/users\/31366"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/comments?post=302"}],"version-history":[{"count":2,"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/posts\/302\/revisions"}],"predecessor-version":[{"id":306,"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/posts\/302\/revisions\/306"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/media?parent=302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/categories?post=302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/aaronhermans\/wp-json\/wp\/v2\/tags?post=302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}