The CISO, or Chief Information Security Officer, is responsible for monitoring, maintaining, and protecting the information systems of the organization that they work for. They are also responsible for creating and implementing budgets for training employees and maintaining the systems software and hardware in order to remain secure against any current or future threats. As CISO, creating a realistic budget with limited funds can be difficult and will require the allocation of funds to one department over another so as to optimize the cybersecurity needs of your organization.

Cybersecurity Technology
Technologies used in cybersecurity are always growing. As new technologies are invented and become commonplace, it provides more opportunity for hackers to try to infiltrate those systems. New technology is emerging and growing at a rapid rate, things from cloud-based software to artificial intelligence to bio-cyber technology. If I were CISO, I would prioritize the improvement of my organization’s technology to stay up to date, and therefore less vulnerable to new and old threats. “In 2021, businesses experienced 50% more cyberattacks each week compared to 2020.” (Simmons, 2023). A 50% increase in cyberattacks is a massive surge in such a short period of time. This indicates that hackers are learning and finding opportunities with the advancing technology that is emerging. Organizations must be diligent in staying current on as many technological advancements as possible. This will allow for them to be prepared for if and when a cyber attack happens. Older technology and older software is vulnerable to attacks and hackers have had more time to learn about that technology and to find newer and more creative ways to compromise it. By staying on top of advancing technological trends, organizations will also be staying ahead of hackers that are also becoming familiar with these new devices and programs.

Training
Another large concern is training staff in matters of cybersecurity. Training can range from casual to intensive depending on the organization’s needs and budget. Although training is an essential aspect of maintaining cybersecurity within an organization, there are many types of training that are available. One of the most valuable types is awareness training. Although training employees to be aware of the different kinds of cyber attacks that threaten a company is relatively inexpensive, it will still cost the company to have every employee attend that awareness training, whether in-person or virtually, and be away from their daily tasks. This cost is highly beneficial due to the necessity of everyone needing to know how to use the new technologies that are updated frequently, as well as be aware of any new threats that may arise because of it. It is a small sacrifice in labor for a large increase in security that has innumerable potential rewards in the future as a result.

Conclusion
In the end, budgets of organizations play a large role in determining what funds are allocated where. When it comes to training and cybersecurity technology, both are significantly important to the success of their ongoing security. While both are important, I think keeping up with advances in technology is slightly more important than training. This is because technology is always advancing and changing and so are hackers. If we do not keep up with them then we are vulnerable to threats that we otherwise would not be. That’s not to say that cybersecurity training isn’t as important. Training is an essential part of protecting the data systems of an organization. However, training can be done simply but effectively. Something as simple as regular awareness training and training on the new equipment can make a large impact on the cybersecurity of an organization. So, with a limited budget, investing the majority of it in advanced technology is the most worthwhile.

References
Simmons, L. (2023, March 21). New Technologies in cybersecurity: Combatting the latest threats. Explore Cybersecurity Degrees and Careers | CyberDegrees.org. https://www.cyberdegrees.org/resources/hot-technologies-cyber-security/