You Can’t Install Education but You can drive it!
I get it, budgets are tight and stress is pushing redline. It seems like the last thing you need is one more business issue to worry about.
You've invested a chunk of resources into security technical controls, installing hardware, software, personnel etc.. but you have an unsettled feeling and you ask yourself, have I done enough?
Your answer lies in what I consider the most obvious and most accessible solution which has been, and remains employee Cyber-Security awareness education. As some race car drivers say, you have to "slow down in order to go fast." Drop down a gear to refocus your attention on educating your staff about Information Security topics. Make it a daily part of the Continuing Education strategy of your organization.
Also, you might stop looking at your non-technical employees as cyber liabilities. A highly-informed group of critical thinking users can spot trouble before it happens and will serve as a major asset to your IT team. By educating the average user you will help transform them into an active participant that keeps your organizations security a top priority.
As always, I have your best interests at heart. If you stay informed you'll be ahead of the curve!
All my best,