Cybersecurity is a major problem for most U.S.-based organizations, and it’s abundantly clear that the weakest link in the chain is employees. Most experts agree that robust training is needed to secure our nation’s organization from dangerous data breaches, but unfortunately little is being done in this regard. The same is true in Canada. October 1 marked the first day of Canada's national Cyber Awareness Month, which aims to shine a light on the country’s security problems. “Canadians are not training their employees nearly to the extent they should be,” says David Senf, founder of cybersecurity research and consulting firm Cyverity and former IDC Canada analyst. “It’s not just about ‘Go take some training,’ or ‘Use the password management tool,’ but being able to work with them to improve competence. And think about their commitment level to security. Even when training is given, it needs to be tracked and followed over time to understand where they [staff] are at.”