Having read and analyzed this myself, employees make these mistakes day in and day out. User Awareness Training is never enough!!!
In cyber security, there are two types of companies, those that have been hacked and those that are yet to be hacked :-) Recently, Microsoft was in the news, and now Cisco. You may want to read about the attack: https://www.bleepingcomputer.com/news/security/cisco-hacked-by-yanluowang-ransomware-gang-28gb-allegedly-stolen/
Some security experts have simplified and explained the breach! Kindly employ ways to increase and improve your security defenses, else you will pay the real-life costs of getting breached.
Today, I was just discussing and shedding light on this guide below and I highlighted that despite the attacks perpetrated on 2FA, it Is still highly recommended to employ it (still far better than the alternative of simply relying on a username and a strong password), and also never underestimate user awareness training whenever possible…