The Human Factor In Cyber Security

Posted by cvisc001 on

Introduction

If I were the CISO of a company, I would split our cybersecurity budget into 65% for cybersecurity technologies and 35% for employee training. The intent is to have an equal amount of advanced technology and well-trained employees while also considering how much more expensive technology is than moderate training. As technology becomes more expensive, this will remain a strong ratio that will provide a good foundation for most companies to ensure that neither part of their cybersecurity department vastly outclasses the other in the future.

Cybersecurity Technologies

I would use the technology portion of the budget to secure the latest and greatest cybersecurity technology. With the latest advances in cybersecurity, AI learning is one of the most valuable tools in cybersecurity, acting as an investment into a constantly improving portion of the company. The money will also go towards Intrusion Prevention Systems, providing a robust first line of defense to ensure unauthorized parties cannot access the company. Even if that is to happen, the budget has also accounted for this, with a sizable portion of funding dedicated to the latest firewalls, never letting the firewalls be eight years out of date. Some of the budgets will also go towards investing in the software to safely transfer between these firewalls without leaving any vulnerabilities in the system. While this is just a tiny sampling of the technologies available in cybersecurity, it is also essential to realize how expensive this would be for the company.

Cybersecurity Training

While the training budget may seem much smaller, it is still a large portion of the allotted amount and more than enough to ensure proper employee training. This budget would be split between training the cybersecurity team in the new software and hardware and giving the entirety of the company, in general, safe cybersecurity practices. As the technology is continuously improved, the portion of the training budget saved for the cybersecurity department will be used to ensure that the team knows how to operate the new tech, both the hardware and the accompanying software. In addition, the general portion of the training budget gives monthly lessons in general cybersecurity knowledge to ensure that human error stops creating issues for the cybersecurity department.

Conclusion

While the budget could easily be split in many ways, this split will provide the overall most significant benefits for the company. It is a financial model that will ensure the company always runs smoothly regarding the cybersecurity department. This model similarly never gave numbers besides the percentage as it can apply to budgets of any size, whether the budget can only cover new software or buy an entirely new set of technology. The importance is how all aspects of cybersecurity are used to protect the company.

Leave a Reply

Your email address will not be published. Required fields are marked *