With a limited IT/IT Security budget, should an organization make investments in the area of Security Awareness Training or Zero Trust?

Security Awareness training73%

Zero Trust26%


1k views2 Upvotes2 Comments

Director of IT in Software, 201 - 500 employees
Technology can still not compensate for the negligence and naivety of humans. The weakest link in the chain is still employees, so it's always better to invest in training/awareness than fancy technology if you don't have the basics.
There is no single product that is Zero Trust. It's a concept and can be achieved by combining various technologies.
If someone is selling you a Zero Trust product ... run away.
With limited budgets starting from the low-hanging fruits and education, employees are the obvious choice.

Senior Director, Defense Programs in Software, 5,001 - 10,000 employees
Zero Trust is nebulous here, but technical implementations are critical. Normally security awareness training is limited and often not well tailored to enterprise specific use cases.

Given that, invest in the basics - patching, monitoring, identity management, encryption, compliance… some of that can fit the zero trust buzzword, but don’t chase it.

Content you might like

Director of IT, Self-employed
Enabling GenerativeAI in our detect product.
Read More Comments
1.8k views1 Upvote2 Comments

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
42k views131 Upvotes319 Comments