In this day and age, cybersecurity should be near the top of every manager’s list of concerns. Data breaches expose organizations to liability, tarnish their reputations, threaten employees' and customers' privacy, and cost billions annually. However, although this is common knowledge, leadership is doing little to secure the most common attack vector—employees’ mobile devices. According to AT&T’s Cybersecurity Insights Report, a little over half of all breaches occur on mobile devices belonging to employees, but only 61 percent of companies mandate security awareness training for all employees. What’s more, according to another study, 44 percent of companies do not have a unified information security strategy. To protect themselves, organizations need to create engaging and relevant training programs to impress on employees the importance of cybersecurity, particularly as it relates to their day-to-day use of mobile devices. Additionally, training should be designed to reward positive behaviors. Telling people what not to do is important, but a far more effective approach is to use gamification techniques to positively reinforce the behaviors that should be repeated.