As the field of cybersecurity continues to grow and evolve, the need to balance both the level of technology with human training becomes more and more important. On one hand, cybersecurity needs to have the best tech available to function at its best. On the other hand, if people are not properly trained and involved in good cybersecurity practices, then they can be a vulnerability themselves. Balancing these two factors while on a budget is incredibly important, and the answer is always different depending on the circumstances. All systems require human training, proper technology, and to sustain a healthy balance of both prior factors.

Firstly, cybersecurity systems require exceptional human training. Humans are generally the weakest part of a cybersecurity system. Human error has caused a majority of all data breaches, stated best by Ganna Pogrebna and Boris Taratine, “With over 90% of successful breaches worldwide starting with a phishing email, it is clear why cybercriminals concentrate on the psychological tools for planning and implementing the attacks.” This shows the absolute importance of human training in cybersecurity, as a majority of all breaches comes from a lack of proper training among humans. This weakness in security can only be fixed by training.  Training employees on proper cybersecurity techniques is important for any business to ensure successful security from outside cyber threats.

Secondly, cybersecurity must have proper and advanced technology. Technology serves as the main avenue of defense for any cybersecurity system, and without it a system would be wide open to any number of threats. Some even believe that the human factor of cybersecurity should be removed entirely, seeing it as a weakness that can not be fixed. The idea that “Removing people from the equation entirely and adding transparency and automation is the only effective way to truly protect and prevent data leaks and ensure you’re in compliance.” (capone, 2018) is an extreme one, but highlights just how important technology is when it comes to cybersecurity. Technology must be kept up to date, and the technology used should evolve frequently to ensure the best possible defense of all systems.

Finally, and most importantly, the balancing of human training and technology is vital to all cybersecurity systems. A company only has so much money that can be budgeted to cybersecurity, so properly training people and also having the best technology isn’t always feasible, so compromises between the two have to be made. Due to the fact that a majority of cybersecurity breaches are due to human error, training should receive some of the budget, yet not enough that obtaining proper technology becomes impossible. Having the proper technology should be prioritized, but not so much that human training is abandoned. This middle ground is where most companies should strive to be, as having the proper technology and people competent at maintaining security of a system provides for a much better defense than either one on its own.

In conclusion, the implementation of both the proper human training and updated technology are both paramount to the success of the cybersecurity of a company. They both have their positives, but ultimately must compete against each other for the money that is budgeted for cybersecurity. The challenge is finding the balance where humans are sufficiently trained and the proper technology is in place for a secure system. Finding this balance is hard, but is necessary for any company wishing to be as secure as possible in the ever changing world of cybersecurity.

Pogrebna, G., & Taratine, B. (2020, February 14). Cybersecurity as a behavioural science: Part 1. CyberBitsEtc. Retrieved October 17, 2021, from https://www.cyberbitsetc.org/post/cybersecurity-as-a-behavioural-science-part-1. 

Capone, J. (2018, May 25). The impact of human behavior on security. CSO Online. Retrieved October 17, 2021, from https://www.csoonline.com/article/3275930/the-impact-of-human-behavior-on-security.html.