CompterWeekly.com's "Security Think Tank" section has an opinion piece by Mike Gilespie that's right out of the KnowBe4 playbook.
"In simple terms, the answer to how the Snowden revelations about the National Security Agency (NSA) and GCHQ should be influencing future information security strategies in the UK would be, not at all.
Information security strategy should be implemented after a properly scoped risk assessment. The appropriate level of response and risk mitigation can then be put in place. "
And he ends his article with: "In these budget-tightened times, why spend large sums of money on high-end technology when in real threat terms you will get a much better result by spending a fraction of that on some decent training for staff."
Could not agree more!