Cyber breaches are a costly issue and are becoming all too frequent. Smart companies are realizing that training is needed to ensure all employees are maintaining good online habits and not exposing the organization to undue risk. Employees are a company’s most valuable resource in the fight against cyber crime, but they also have the highest potential for error. It’s important to create a training program that keeps employees abreast of the latest threats and tailors information to each role's specific needs. Training should focus more on practice than theory and have built-in mechanisms for feedback and evaluation. While training is critically important in protecting against cyber threats, another critical component that is often overlooked is the internal communications strategies the organization is using. By building a robust communications framework, an organization can reduce the likelihood of leaks and mistakes. Most data is processed through internal channels, and leaving these channels unattended is a mistake. Set up guidelines for how different types of data are handled (should this be emailed from a smartphone?) and build in technological protections like encryption and multi-factor authentication.