Your employees are your greatest asset—and your greatest cybersecurity risk. That statement may sound harsh, but hackers often prey on unwary employees because employees can provide easy access to otherwise secure systems.

Remember the Anthem breach earlier this year? Hackers gained access to nearly 80 million consumer records containing personal data, at least in part by using stolen employee credentials such as user IDs and passwords. It’s likely that Anthem employees unknowingly handed over their credentials online or inadvertently allowed hackers to insert malware into company systems.

How can you keep your data secure? The short answer is to train your employees. They must understand the critical role they play in the company’s cyber defenses. Make sure they understand company policies about security, use of personal devices, and keeping mobile devices secure, among other issues. You must work to engage employees in abiding by these policies. The ideal company culture is one that expects and rewards compliance with cybersecurity policies.

 …