There are lots of different factors to consider when you’re trying to tighten up your cybersecurity and reduce the risk of data breaches. When it comes to development, you should consider security from the start, and always remember that proper security testing is vital. Thankfully, there’s plenty of excellent security software out there to choose from. No matter how sound your infrastructure, bear in mind that all your efforts can be circumvented, either deliberately or accidentally, by your employees.

When more than 1,700 chief information officers (CIOs), chief information security officers (CISOs) and other executives were surveyed by EY, 55% of them named careless employees as the most likely source of a cyberattack, well ahead of criminal syndicates, malicious employees and hacktivists. It’s a familiar story. When the Ponemon Institute surveyed 1,000 information technology (IT) professionals last year at small and midsize businesses, 54% said negligent employees were the root cause of data breaches.

Thankfully, there are several easy steps you can take to reduce the risk of your employees causing data breaches.

Put Policies In Place

Start by drawing a picture of what good security looks like. You must create clear, consistent policies for your employees to follow. This will serve as a foundation for your training. Having a procedure to follow reduces the risk that your employees will make mistakes in the first place, but it also reduces the likelihood that they’ll exacerbate errors they’ve already made.

It may not be possible to completely prevent data breaches, so you want to make sure that your employees know exactly what to do when they realize they’ve clicked on a link they shouldn’t have. The global average cost of a data breach is $141 per data record, according to the 2017 Cost of Data Breach Study (registration required) from the Ponemon Institute, but just having an incident response team in place can reduce that cost by up to $19 per record.