{"id":262,"date":"2026-03-22T18:39:00","date_gmt":"2026-03-22T18:39:00","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/?p=262"},"modified":"2026-04-16T18:41:30","modified_gmt":"2026-04-16T18:41:30","slug":"the-human-factor-in-cybersecurity-write-up","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/2026\/03\/22\/the-human-factor-in-cybersecurity-write-up\/","title":{"rendered":"The Human Factor in Cybersecurity- Write-up"},"content":{"rendered":"\n<p>Cyber Security on a Budget<br><br>As the Chief Information Security Officer my job is to keep all of our systems and data safe<br>from threats. There are two things that I think are most important in a company. First is the<br>technology and, second, the training. I would start by looking at the risks of the company<br>and see what is the riskiest issue. If there are a lot of employees that use weak passwords<br>or even the fact that the company uses technology to store high-risk data, if that<br>information got out, it could be a problem. Since I have limited funds, I would choose to<br>spend it equally on technology and training. I personally would choose to invest in antivirus<br>software, firewalls, and multi-factor authentication programs. This would make it harder to<br>steal the information and multi-factor authentication would help in the case that a<br>password gets stolen because the hacker can\u2019t access it without the second method. This<br>means unless they had the device or something that contained the MFA method, they<br>wouldn\u2019t be able to get into everything.<br>When it comes to training, I would place money into training the employees to help lessen<br>the likelihood they fall for common scams. By doing this the employees could know what<br>suspicious emails or links could look like. They could see how a lot of time links could be<br>slightly misspelled or that if the email seems too good to be true it\u2019s probably a scam, an<br>example would be a brand new macbook costing $200 instead of $700 or more; that\u2019s<br>unrealistic and would almost be guaranteed a scam. Another thing would be if they<br>received an email that they didn\u2019t expect and was completely random, then it\u2019s not likely it<br>would be legit. Even the most extensive technology cannot prevent every single attack,<br>which is unfortunate. Having trained employees will lessen the risks but even then, it won\u2019t<br>fully stop them. Since I don\u2019t have a large budget, I would prioritize the higher risk<br>employee areas. So, someone in finance would handle a lot of clients&#8217; personal<br>information and they would need more training because that information can cause a big<br>problem if it&#8217;s stolen. While nobody\u2019s information needs to be accessed without correct<br>authorization, if any information had to get stolen, it should be the less important stuff that<br>won\u2019t ruin someone\u2019s life. (Khadka, Kalam, and Abu Barkat Ullah. \u201cHuman Factors in<br>Cybersecurity: An Interdisciplinary Review and Framework Proposal &#8211; International Journal<br>of Information Security.\u201d SpringerLink, Springer Berlin Heidelberg, 29 Apr. 2025,<br>link.springer.com\/article\/10.1007\/s10207-025-01032-0.)<br>In conclusion, as a CISO with very limited funds, I would balance how I spend my money. I<br>would invest in strong security tools and employee training to both protect the computer<br>system and reduce the risk of errors. I would make sure to use cost-effective methods and<br>also measure the results to make sure that my methods are working. Cybersecurity has<br>two components, the technology and the person who uses it. This way I can get the best<br>protection possible with the money that I have and keep the company away from<br>cyberthreats.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyber Security on a Budget As the Chief Information Security Officer my job is to keep all of our systems and data safefrom threats. There are two things that I think are most important in a company. First is thetechnology&#8230; <a class=\"more-link\" href=\"https:\/\/sites.wp.odu.edu\/leeanne-banks\/2026\/03\/22\/the-human-factor-in-cybersecurity-write-up\/\">Continue Reading &rarr;<\/a><\/p>\n","protected":false},"author":31911,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[6],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/posts\/262"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/users\/31911"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/comments?post=262"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/posts\/262\/revisions"}],"predecessor-version":[{"id":263,"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/posts\/262\/revisions\/263"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/media?parent=262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/categories?post=262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/leeanne-banks\/wp-json\/wp\/v2\/tags?post=262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}