Human Factors in Cybersecurity

Name: Cassis, Matthew 

CYSE 200T 

4-24-26 

Human Factors in Cybersecurity 

BLUF: If I was a CISO with a limited budget in a mass cybersecurity business and I had to balance the tradeoff between training and brand-new cybersecurity. I would take a look at all my funds and financial spreadsheets for the business and allocate funds based on what is in more demand at the given time. I would then overlook the equipment and training that is taking place and make sure that it is worth the funds of which I put in and deem whichever is more necessary or if further funds are needed for more of the two. 

Funds to training: Training within any organization, business, company etc., is of the utmost importance to their effectiveness, production, flow of service, longevity and well-being. If there is a need for training then that is a very serious need for how can the workers do the job if they dont know how to do the job? How can they do the job well if they don’t know how to do the job well? That is where the importance of training and its quality comes in. Equipment is good, it can give the company new tools to complete tasks at an accelerated rate, increase the strength of security, open new opportunities etc., but that equipment is useless if it cannot be handled right. At the end of the day, all equipment are just tools and a tool is only as effective as the knowledge of the person using it.  

Funds to Equipment: Equipment is very necessary within any company, business, organization, etc. It is what keeps the company up to date with the times and opens more doors for the future. If we were still using computers that only did simple arithmetic in seconds then we would not be very far advanced within society hence the increasing demand for equipment whether it be newer or better, within any firm. As I stated in the discussion above, equipment is useless if it cannot be operated correctly or sufficiently. More times than not, my decision will be training for the workers for the troops always come first. If they cannot do the job, then the job cannot be done. 

Conclusion: In conclusion, if I was the CISO with limited funds and had to choose between equipment and training, I would consider training first and foremost as an option. The option above all other considerations and see how that plays out against equipment and its necessity. A CISO is a leader and a leader of extreme significance, I feel that it is of extreme importance for them to always put their troops well-being first and foremost above all other areas when it comes to decision making. Along with my other examples of why training is so important, this is a core component of my reasoning. Well trained and prepped workers are the firm and concrete bedrock upon which all operations, productions, supply-demand quotas and daily conductions for a organization, business, company etc., are built upon. 

Leave a Reply

Your email address will not be published. Required fields are marked *