Employee training should be prioritized over technology in the budget.

Cybersecurity Technology vs Training

The average company is estimated to spend between 6% and 14% of its IT budget on cybersecurity (Bernard & Nicholson, 2025). Using that information and assuming that most of it goes to hardware and software, I would not prioritize technology over training. It is true that technology is inherently expensive and requires a large amount of money; however, most of that funding goes to the upkeep of technology and not the cybersecurity upgrades.  The digital world is fast-paced, and it is impossible for any organization to truly match its advancements. 

Employee training is a long-term investment that has a slow start but has a profound return. Investing in cybersecurity technology has immediate results, but is ultimately useless if employees do not know how to handle it. Humans are not perfect and require frequent refresher courses. To keep up with the flow of new employees and cybersecurity threats, a large amount of money is needed. If a budget were split between technology and employee training, at least 60% would go to training.

Conclusion

Though cybersecurity is based on technology, humans are the root of it. Cyber attacks are perpetrated by humans and need to be handled by humans. Organizations cannot rely on the latest cybersecurity technologies alone. There must be employees to oversee the operations. Without proper training, the money spent on technology would be wasted, as there would be very few people to put it to use. 

References

Bernard, J., & Nicholson, M. (2025, June 26). Reshaping the cybersecurity landscape. Deloitte Insights. https://www.deloitte.com/us/en/insights/industry/financial-services/cybersecurity-maturity-financial-institutions-cyber-risk.html