Your organization has recently conducted a security audit and identified the need to improve the cybersecurity training for employees to substantially reduce human error-related security breaches. Which type of control should you primarily focus on implementing to address the identified need?
Operational controls, such as security guards and incident response teams
Technical controls, such as automated intrusion detection systems
Managerial controls, such as policies for mandatory cybersecurity training programs
Preventative controls, such as implementing two-factor authentication across the organization
|Incident Response and Management
|Reporting and Communication