{"id":305,"date":"2025-12-03T23:38:46","date_gmt":"2025-12-03T23:38:46","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/shianne-brown\/?p=305"},"modified":"2025-12-03T23:38:46","modified_gmt":"2025-12-03T23:38:46","slug":"balance-of-budget","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/shianne-brown\/2025\/12\/03\/balance-of-budget\/","title":{"rendered":"Balance of Budget"},"content":{"rendered":"\n<p>With a limited budget, invest in both people and technology. I would allocate 50% on<br>cyber technology, 35% on employee training, and 15% on governance and improvement efforts.<br>This gives the company strong protection on technology while also preventing human-based<br>errors in the long run.<br><strong>Background<\/strong><br>As the CISO, I must consider both the technical and human sides of cyber risk. Cyber<br>threats often come from weak security tools, but many incidents also begin with simple human<br>mistakes. Overall, because of this, the budget needs to meet the updated technology standards<br>while also preventing human-based mistakes.<br><strong>Investing in Cybersecurity Technology (50%)<br><\/strong>Half of the budget should go to getting strong security tools, for example, multi-factor<br>authentication (MFA), email filters, endpoint detection, and automated patching. These tools<br>block many attacks before they reach employees and help with faster response time. They<br>provide immediate value and reduce risks from both external attackers and internal errors.<br><strong>Investment in Employee Training (35%)<br><\/strong>About 35% of the budget should be used for training employees on how to recognize<br>threats. This includes phishing simulations, short online lessons, in-person classes, and targeted<br>training for higher-risk departments such as finance and HR. Many cyber incidents start with a<br>person clicking the wrong link; improving awareness helps prevent costly mistakes and saves the<br>company as well as its employees.<br><strong>Investment in Governance and Continuous Improvement (15%)<\/strong><br>The remaining amount of the budget should be used for improvement and governance<br>such as policy updates, incident response planning, and tracking key security metrics. Activities<br>like tabletop exercises and regular reviews help the company learn from past incidents and<br>improve over time. Measuring and recording results allows the security team to see what is<br>working and what is not and how to adjust future spending.<br><strong>Balancing Risk and Benefits<\/strong><br>This budget plan reduces risk on multiple fronts. Cyber technology blocks threats<br>automatically, training reduces human-made errors, and governance keeps the program<br>organized and always improving. Together, these investments create a stronger and more<br>resilient security posture for the company.<br><strong>Conclusion<\/strong><br>With our limited funds, a balanced approach gives the best protection. Allocating 50% to<br>technology, 35% to training, and 15% to governance. This helps the company defend itself now<br>while continuing to build better habits for the future. This strategy provides the strongest overall<br>risk reduction and keeps the organization prepared for evolving cyber threats.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With a limited budget, invest in both people and technology. I would allocate 50% oncyber technology, 35% on employee training, and 15% on governance and improvement efforts.This gives the company strong protection on technology while also preventing human-basederrors in the long run.BackgroundAs the CISO, I must consider both the technical and human sides of cyber&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/shianne-brown\/2025\/12\/03\/balance-of-budget\/\">Read More<\/a><\/div>\n","protected":false},"author":31573,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/posts\/305"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/users\/31573"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/comments?post=305"}],"version-history":[{"count":2,"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/posts\/305\/revisions"}],"predecessor-version":[{"id":308,"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/posts\/305\/revisions\/308"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/media?parent=305"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/categories?post=305"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/shianne-brown\/wp-json\/wp\/v2\/tags?post=305"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}