Human factor write-up

Posted by nrobe017 on

Nicholas Robertson


Human factor write-up summary
Money is always a factor when it comes to companies and knowing what to spend it on could save a company millions in damages. So we ask the question, does technology or training deserve more money?
Human factors overview
Cybersecurity risks based around human factors is inevitable and is a massive inconvenience to the company affected. To mitigate this companies rely on training their employees in safe cyber practices. How much money is put into these programs is entirely up to the budgeting of the project. To illustrate this I’ll come up with a scenario and split the money into two factors. So let’s say I had $1,000,000 and I had to give a percentage of this money to either training for my employees or additional cybersecurity technologies. I personally would choose to split the money 30/70, spending 30% of the money to train the employees and spending the remaining 70% on the technology. Now why would that be the case? For most people they would think that training is the most important factor of keeping your company’s assets safe and secure. I agree, but to an extent and I’ll explain it in a breakdown.

Training
Training employees in safe cybersecurity practices doesn’t need to cost as much as some might think. The cost for cybersecurity training is relatively low and doesn’t need a lot of money thrown at it constantly. While it is true that with the ever growing field of cybersecurity technology, the training needs to accommodate for the rapid growth, you can still train employees with a reasonable budget. As throwing huge sums of money into training, only for the employees to not follow the training is practically a waste of money. You can incorporate cheaper solutions to train employees, like a powerpoint presentation during a mandatory company meeting or sending out a company email with a file attached to it going over the standards and procedures for safe cyber practices. Enforcement of these policies can also save money, as an employee will tend to be more cautious in making mistakes if their job is on the line.

Technology
Technology is without a doubt the most expensive out of the two and needs more money allocated to it. Without updated technology, systems can be easily hacked and infiltrated by criminals and could cost a company with millions of dollars in losses. Unlike training, technology has no cheaper alternative. It demands more money and without it, you’re not getting the technology. Without newer tech, the company’s vital data is sitting in the open ready to be attacked and it becomes harder each time for cybersecurity teams to protect the systems when they are not properly equipped.
Final thoughts
In the end, I believe that technology should have more money allocated towards it, due to the fact that there are no cheaper alternatives to tech. With training, it is important to throw money its way to make sure that the employees are up to date on safe practices. But I strongly believe that there are cheaper alternatives that a company can use to enforce new policies and practices.

Leave a Reply

Your email address will not be published. Required fields are marked *