Number one, cybersecurity awareness training sounds boring, but all I'm really doing is I'm taking the opportunity to train my staff what to look for, signs to know that this is a phishing email, or this is a cyber attack and how to deal with it. When you look at the bulk of the attacks. That we've had in the last several years, they've been socially engineered to some degree.

So having some training for our people, what to look for is probably the number one thing that somebody can do. Number two, it would be implement multi-factor authentication everywhere we can. If you just did those two things, made people aware, you implemented multi-factor authentication, and I would go to a third and say, if we want to have a third, it would be use different passwords everywhere.

Don't, don't reuse the same password.