More often than not, costly data breaches can be – at least in part – linked to human factors; however, few businesses provide their employees with adequate cybersecurity training or have formal, codified policies. According to the Kaspersky Lab Corporate IT Security Risks survey, 59 percent of respondents said the most serious data breaches they’ve experienced were the fault of careless or uninformed employees. In an increasingly connected world, workplaces are becoming more flexible. Employees use their own devices for both personal and professional use, and home offices are becoming the norm. Sound cybersecurity practices can be seen as a needless hurdle, and employees often become lackadaisical in protecting themselves and the company from malicious actors. While it’s important to have solid technological protections in place such as multifactor authentication, it’s equally important for management to reinforce the message that data security is the personal responsibility of each individual employee. Training needs to be in place to help employees identify threats and to keep employees vigilant in the changing cyber landscape.