Cybersecurity, Technology, and Society
Assignment Showcase: Write Up – The Human Factor in Cybersecurity
THE HUMAN FACTOR IN CYBERSECURITY
Balancing Limited Funds as a CISO
As a CISO, the most important thing to keep up with is arguably funding; without funding,
a company isn’t able to run at all. The next question is what to use the funding for;
two things to consider spending it on are staff training and technological
advancements.
Training
When it comes to training in cybersecurity, many employees are undertrained and lack
awareness of cybersecurity procedures and of what to look out for in a workplace
environment. According to the Harvard Business Review, “cybercriminals scammed $26
billion between October 2013 and July 2019 with the “Business Email Compromise” scam
that, using deceptive and manipulative social engineering techniques, lured employees
and individuals into divulging their credentials and eventually making unauthorized
transfers or funds.” If every employee in a company were trained in cybersecurity and how
to be secure in the workplace, the chance of an internal attack would go down
considerably. Not only do the chances go down, but employees collectively gain a
general understanding of cybersecurity. This creates a more knowledgeable environment:
if an employee were to spot something suspicious, they could immediately send it to the
cybersecurity department for inspection.
Technology
When it comes to technology in cybersecurity, you can’t go without it. If a company’s
database is running without strong security, it likely won’t survive very long. Good
things for a company to have are Role Based Access Control (RBAC), which limits
users to only what they are assigned to; firewalls, which act as a barrier between trusted and
untrusted networks; and two factor authentication (2FA), a form of multi factor
authentication that makes sure the user is the correct user before allowing access to a
database. There are many more forms of technology that a CISO should take an interest in,
but those three are really the foundation to ensure the company is secure.
Conclusion
Ultimately, as a CISO you have to balance limited funds between training the company’s
employees and technology to strengthen the company. Training employees can
significantly reduce the risk of human error, which is a major part of cybersecurity
breaches. By educating employees on what to look out for, companies can create a secure
workplace environment where cybersecurity is a normal practice. On the other side of
things, investing in technologies like Role Based Access Control (RBAC), firewalls, and two
factor authentication (2FA) is important to protect the company’s databases.
Overall, the best way to balance funds and keep your company secure as a CISO is by
combining training and technology, as together they create strong security against cyber threats.