Write-Up: The Human Factor in Cybersecurity

Posted by vrech001 on

In this write-up, we will look into the human factor in Cybersecurity. As everyone knows, humans make mistakes, and these mistakes affect cybersecurity in drastic ways. In the scenario given, I will be a Chief Security Information Officer. Also, I am given the task to balance the tradeoff of training and additional cybersecurity technology. Lastly, I will be given a limited budget to achieve this balance.

CISO (Chief Security Information Officer)

            Being a CISO is one of the most important jobs someone can hold in a company. According to Forbes, CISO’s oversee and develop plans to efficiently provide data security for companies (2024). Data security is the most important task companies try to tackle. CISO’s are very effective in tackling this task. While reading an article from PWC, I learned cyber threats were cited as a moderate to very high risk from seventy five percent of executives from a poll survey” (2024). Executives hire CISO’s to monitor and establish plans to tackle this risk.

Balancing the Tradeoff of Training and Additional Cybersecurity Technology as a CISO

            With a limited budget, making sure proper training and cybersecurity technology is implemented will be a hard task. However, the most important thing I would want to implement would be proper employee training. Proper employee training is the most important because they are the engine that control the cybersecurity technology. With a limited budget, if I am able to have great knowledgeable employees, I can at the very least have effective responses and protection for my sensitive data. Another thing I would do would be to routinely refresh concepts that are needed for managing my private data. The last thing I would do with a limited budget would be to put in place some basic countermeasures. Some basic countermeasures I would put in place would be proper software, backups, regular updates, and firewalls.

Conclusion

            In conclusion, it is very hard to balance the tradeoff between training and cybersecurity technology. However, I believe it would be in the best interest of a company to have employees who know what they are doing rather than shiny cybersecurity technology. That technology will go to waste if the employees have no idea how to operate it. Lastly, it is important to have at least some cybersecurity technology in place since cyber criminals continue to find new ways to commit cybercrimes.

References

PricewaterhouseCoopers. (n.d.). What’s important in cyber to Cisos in 2024. PwC. https://www.pwc.com/us/en/executive-leadership-hub/ciso.html

Woollacott, E. (2024, July 24). What is a chief information security officer? Ciso explained. Forbes. https://www.forbes.com/sites/technology/article/chief-information-security-officer-ciso/

Leave a Reply

Your email address will not be published. Required fields are marked *