What's the biggest mistake companies make about their security strategy? Think about it for a second. I'll wait. You probably guessed paying too little, not having a strategy, having the wrong technology, or something related to one of those three categories. Those are good guesses – and they ARE causes of information insecurity for businesses in the United States and around the world. For the sake of argument, let's say you have a strategy and have payed for the right amount of security infrastructure (network, consulting, staff). That's great. But. If you aren't aren't training your users on security best practices, you increase your risk of a data breach.