If I was Chief Information Security Officer and had a limited budget between the tradeoff of training, and cyber security technology. I would personally split that budget 70/30, 70% more money on tools, and 30% on training. The reason I’d put more resources towards cyber security technology is because people mess up, and tools don’t get tired or forget. A person can miss something, but tools can catch a mistake instantly. Training is also important though that is why 30% of the budget would still go towards training, because of course better training just overall helps avoid mistakes as a whole that therefore the cyber security technology wouldn’t even be needed at all. Overall, though, I just expect people to make mistakes and so cyber security technology being a priority will always be there ready for those mistakes that WILL occur so that is why my budget would mostly go towards cyber security technology.