The Importance of the Human Factor

kfors002 CYSE 200, Write-Ups

Introduction
The tools we implement are only as good as the people behind the tools. Without
the proper training of different departments, the business isn’t able to be protected to
the fullest potential, which is the security department’s goal. Just as home security
means nothing if the front door is open, an information security department can only be
as effective and efficient as the employees who utilize it. “Investing in people is just as
critical as investing in technology,” because if the people are neglected, that means the
business is as well (AIM, 2024).
The Strategy
With limited funds, it is important that resources are used to their fullest potential,
which includes the people. When it comes to training, it should cover people in all
sectors of the business, or else it will leave potential risk to overall security. Having only
the security department be aware of the proper methods to reduce human error will not
reduce any risk. There is also a “cost of ignoring these training needs,” so when
implementing a security defense, the priority is to enact department training that informs
teams of proper everyday protocols that allow protecting the systems and awareness of
what attacks can look like (AIM, 2024).
The line of defense includes every person who works with the business’s
systems and thus must be knowledgeable of the “culture of cybersecurity
awareness”(AIM, 2024). Housekeeping is essential, making sure that employees are
updating passwords and logging off can be the first steps to increasing the protection of
information systems around the office. Especially with more people who are working
from home. Another benefit of training all business departments is by testing and
demonstrating what phishing and scam attacks are, so that they can effectively report
them and decrease vulnerability.
Conclusion
When it comes to implementing additional cybersecurity or enforcing training
while on a limited budget, the priority is employee training. Human factors are a part of
security and will always be, no matter the systems implemented. The investment in the
people who work under the business will help security in reducing risk and bringing
overall awareness of potential cyber attacks, allowing everyone to be on the same page
when it comes to working with technology.

References
The Australian Institute of Management. (2024, October 15). The human factor in
cybersecurity: The impact of training. Australian Institute of
Management (AIM).
https://www.aim.com.au/blog/the-human-factor-in-cybersecurity

Leave a Reply

Your email address will not be published. Required fields are marked *