Effective employee cybersecurity training – essential to reducing the risks posed by sophisticated social engineering attacks – consists of more than a generic online course. This second part in our three-part training series covers the components of a successful program and strategies for implementing training, including accountability. Part three will address assessing results, ongoing training, pitfalls and the board’s role. Part one discussed the importance of training as a cybersecurity defense, guidelines for establishing a training program and whom to train. See also “Designing, Implementing and Assessing an Effective Employee Cybersecurity Training Program (Part One of Three)” (Feb. 17, 2016); Part Two (Mar. 2, 2016); and Part Three (Mar. 16, 2016).