The task of crafting or revising cyber strategy is one that keeps many consultants and chief security officers up at night. Security strategies are a unique reflection of the risks, regulatory compliance requirements, business processes, and organizational culture within your firm. Each business is a different entity with a unique culture, mission, and even enemies. The first compromise allows the attacker to get closer to their actual target, a secondary victim. The people we trust the most (our employees) often present the greatest danger. The most effective ways you can minimize the phishing threat is through awareness and training.”]
Source: https://www.csoonline.com/article/2984032/how-to-create-effective-cyber-strategy.html