When asked how I would balance training vs. technology with a low budget.

What would I do?

As a Chief Information Security Officer (CISO) who must manage a limited budget, I focus on the training aspect of cybersecurity, after all the readings, I don’t see the point of introducing more, and, or better technology that will be handled by people who aren’t trained to handle it. With my limited balance, I would stir toward training or look for a middle ground. If I train my employees more, I wouldn’t need to spend as much on cybersecurity technology. The revenue could be used to generate more money.

Why?

Well, the risk behind leaning toward training is less than that of spending on cybersecurity technology. Better software is almost always a good thing, but people who lack training won’t know how to manage it.  There is less risk to investing in better training programs, better employees could increase profit by a large margin.