Your organization has recently conducted a security audit and identified the need to improve the cybersecurity training for employees to substantially reduce human error-related security breaches. Which type of control should you primarily focus on implementing to address the identified need?
Managerial controls, such as policies for mandatory cybersecurity training programs
Technical controls, such as automated intrusion detection systems
Preventative controls, such as implementing two-factor authentication across the organization
Operational controls, such as security guards and incident response teams