To understand the importance of balancing training and additional cybersecurity technology on a limited budget, we must first understand why cybersecurity is important. Cybersecurity technology serves as the backbone of many organizations, and for this reason many use these systems as a first line of defense. For this write-up, I will address three areas in how and where the budget will be allocated.
Core technologies that allow organizations to protect themselves include endpoint encryption, firewalls, and automated monitoring systems. There are many more systems that are put in place to give the company a high level of security. That being said, I would allocate roughly 50% to 60% of funds from the budget to ensure all systems are up to date and that the necessary cybersecurity programs are in place so my organization runs smoothly. These systems would allow greater protection from threats like viruses, phishing, and trojans. Newer technologies like artificial intelligence allow systems to learn and expand into better ways to protect sensitive data, overall creating a positive outlook for my organization.
Although the technology involved is very important, there is still significant human interaction involved in maintaining those systems. The budget for employee training and awareness would be around 30%. Humans act as a firewall, another barrier that helps keep these systems secure. The first major training focus area would be raising awareness of phishing. A lot of these incidents I have seen personally were cyberattacks due to human error. Some came from opening an email attachment with a virus, and some from having weak security protocols in place, which ended up leaving the organization vulnerable. With the proper training and communication, employees can work together as a hardened line of defense. Second, I would have training on access control and data management. This type of training would help prevent accidental breaches by bringing checks and balances into the mix. Third, I would implement specific roles for specific employees. Managers would oversee a team, and within the staff each employee would have a specific role of defense, like IT, finance, and support. Overall, this would reduce the risk from human error and cyber-attacks.
Moving on to the last part of the budgeting process, we end at risk assessment and policy. For this section of the budget, I would allocate around 10 percent, or whatever the remaining budget is. Risk assessments and policies are important because they serve as a guideline for how the organization should run. There would be a continual update in risk assessment to ensure my organization and its data are protected. Security audits and penetration testing allow those employees who are authorized to test system limits and keep them up to date. Continually updating policy helps employees adapt to new risks while keeping the team involved.
All of these tasks and plans allow a harmonious mix of cyber technology and human use. It’s important to have the correct systems and knowledgeable staff to keep the processes in check. This allows the organization to remain robust while having a solid plan in case of attack or breach. Checks and balances exist to keep power at a balance.