{"id":306,"date":"2025-04-28T01:11:50","date_gmt":"2025-04-28T01:11:50","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/isaactano\/?p=306"},"modified":"2025-04-28T01:11:50","modified_gmt":"2025-04-28T01:11:50","slug":"write-up-the-human-factor-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/isaactano\/2025\/04\/28\/write-up-the-human-factor-in-cybersecurity\/","title":{"rendered":"Write Up &#8211; The Human Factor in Cybersecurity"},"content":{"rendered":"\n<p><strong>BLUF <\/strong>\u2013 As a Chief Information Security Officer, it is crucial that I maintain a<br>balance between proper employee training and cybersecurity technology,<br>even with a limited budget. My primary objective is to reduce organizational risk as<br>much as possible, and that requires a balance between spending on cybersecurity<br>technology and training the staff. Since neither human nor machine alone can offer<br>adequate protection, the goal is to achieve the optimal risk reduction with the<br>limited budget I have. This begins with a thorough understanding of the threat<br>environment facing the organization and follows up with thoughtful prioritization of<br>both human and technical defenses.<br><strong>Approaching the Balance<\/strong><br>To start off, risk assessment should be the first factor to prioritize. By<br>identifying valuable assets, business processes, and threats, I can determine where<br>the greatest risk is for the company. This allows limited funds to be spent on the<br>most vulnerable or valuable areas. For example, if outdated software and<br>misconfigurations are identified as significant vulnerabilities, secure configuration<br>practices and vulnerability management would be prioritized. Technical controls<br>employed to automate patching and enforce baseline configurations can be very<br>effective in reducing exposure to common exploits. 
Apart from these tools, I would<br>focus on training staff to recognize the importance of timely updates, system<br>hardening, and change management. This approach not only deals with the<br>technical threats at the source but also contributes to the overall security culture by<br>encouraging responsible and proactive behavior. As for the allocation of funds, I<br>would allocate 40% to human training, 40% to technology, and 20% to miscellaneous.<br><strong>Conclusion <\/strong>\u2013 These are the steps I would take if I were a CISO on a limited budget<br>and were tasked with balancing training and cybersecurity technology.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>BLUF \u2013 As a Chief Information Security Officer, it is crucial that I maintain a balance between proper employee training and cybersecurity technology, even with a limited budget. My primary objective is to reduce organizational risk as much as possible, and that requires a balance between spending on cybersecurity technology and training the staff. 
Since neither human&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/isaactano\/2025\/04\/28\/write-up-the-human-factor-in-cybersecurity\/\">Read More<\/a><\/div>\n","protected":false},"author":30487,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/posts\/306"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/users\/30487"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/comments?post=306"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/posts\/306\/revisions"}],"predecessor-version":[{"id":307,"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/posts\/306\/revisions\/307"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/media?parent=306"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/categories?post=306"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/isaactano\/wp-json\/wp\/v2\/tags?post=306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}