
With a limited budget, chief information security officers (CISOs) can balance both the technical and social sides of cybersecurity. Cybersecurity methods and practices focus primarily on the technological and digital features of the field. In turn, this leads to neglect of the social, human side, where most of the vulnerabilities occur. Pairing knowledge of proper training practices with cyber technology can minimize weaknesses and improve security for an organization.
Cybersecurity Personnel Training
Employee-focused cybersecurity training is an effective way to help prevent potential cyberattacks and to help protect sensitive data. As such, it should be allocated 30-40% of any company’s cybersecurity budget. Training can be delivered online, in person, or in a hybrid format, with online being the most budget-friendly (Bui, 2024). Periodic training is another factor to consider, ensuring that employees are up to date with the latest security practices. Off-the-shelf programs, which include online courses or webinars, are one of the many types of cyber awareness training (Bui, 2024). This affordable method provides blanket coverage of basic cybersecurity safety methods that suit any type of company.
Cybersecurity Technology
Cyber technology has seen consistent development and growth in securing an organization’s digital network. With technology becoming more advanced and hackers more skilled, the value of having the latest security technology increases. A budget that takes this into consideration would designate 50-60% of its cybersecurity funds to keeping up with this change. Depending on the company, it may have the funds to outsource this work to prominent cybersecurity companies such as Managed Security Services Providers (MSSPs). The Cybersecurity & Infrastructure Security Agency (CISA) offers free cybersecurity services and tools for both public and private sector organizations (Free Cybersecurity Services & Tools: CISA, n.d.). Other affordable investments include implementing Multi-Factor Authentication (MFA), Endpoint Detection and Response (EDR), and Email Security Solutions (FreshySites, 2025).
Conclusion
To prioritize the effectiveness of a company’s cybersecurity procedures, it is important to look at the human factors within its infrastructure. The latest security technology is only as good as the employees who work alongside it. A decent and balanced budget would recognize this issue and implement new procedures to aid in this effort. Humans are more likely to make mistakes than machines, so having them trained is the most efficient way of ensuring proper cybersecurity.
References
Bui, S. B. (2024, November 21). Cyber Security Awareness Training Cost Guide for 2024. F. Learning Studio. https://flearningstudio.com/cyber-security-awareness-training-cost/
Free Cybersecurity Services & Tools: CISA. Cybersecurity and Infrastructure Security Agency CISA. (n.d.). https://www.cisa.gov/resources-tools/resources/free-cybersecurity-services-and-tools
FreshySites. (2025, February 6). Affordable cybersecurity tools for small businesses. Corporate Counsel Women of Color Entrepreneurs. https://ccwomenofcolorentrepreneurs.org/affordable-cybersecurity-tools-for-small-businesses/