Employees are the weakest link in the cybersecurity chain, and the best tool managers have to address this weakness is training. But this training must be focused and meaningful if it is to have an impact. Training programs should emphasize the role the employee plays in keeping the organization safe, and should educate employees on how to best identify and report issues using internal channels. These threats should also be defined and codified. Many managers may believe their employees are up to date on key terms related to cybersecurity threats, such as malware or phishing, but workers may not have these key words in their vocabulary. Actual data from an organization’s security protocols should also be included in the training program. If a company can, it should share the number of intrusion attempts made against the network and how those threats were identified and stopped. Real-life examples tend to have more of an impact on employees than hypothetical situations. Employees shouldn't be the only ones trained, either. The board of directors and executive team members should be included as well.