Employees are among the weakest links in protecting against cyber attack, but they are also one of the most important solutions to the problem. That’s why officials—particularly those in the healthcare industry—are turning to employee training programs to reinforce their security postures. These training methods complement existing technologies and increase employee responsibility for their own cyber vigilance and behaviors. "You want people to be in touch with the reality of the situation," said Pamela Arora, chief information officer at Children's Health. To be successful, training needs to be across the board; from the C-suite to frontline staff, everyone needs to understand the organization’s vulnerabilities and how they can be exploited. Training must teach employees the importance of being careful in the cyber landscape, and how to protect against various types of malware. "[In healthcare] cybersecurity is not just an IT issue," said John Riggi, an FBI veteran who heads BDO's cybersecurity and financial crimes unit. "It's a patient safety issue, first and foremost."