As phishing and malware attacks become more prevalent and sophisticated, midsize and large businesses must rely on employees to protect their data. But employees are busy. And security to them is often an afterthought.

While conducting security awareness training might not seem worth the effort, a well-designed program can generate tremendous benefits.

Harnessing behavioral science, such programs use unconventional methods. Training posters may wind up in bathroom stalls, and tests may include baiting employees with phony phishing emails.

Click here to read the full article.