Balancing a cybersecurity budget between training and technology requires a strategic
understanding of risk and human behavior. As Chief Information Security Officer, I would
allocate a significant portion of the budget toward employee training, recognizing that human
error is a leading cause of cyber incidents. Phishing attacks, poor password hygiene, and
misconfigured systems often stem from a lack of awareness rather than malicious intent.
Investing in role-specific training, phishing simulations, and gamified learning platforms builds a
resilient human firewall that complements technological defenses. This approach not only
reduces risk but also empowers employees to become active participants in the organization’s
security posture.
Goswami, B. (2024, November 25). Balancing the budget: Human training or technology?
https://sites.wp.odu.edu/bgoswcyse200t/2024/11/25/balancing-the-budget-human-training-or-tec
hnology-2/