The licensees must ensure that all employees receive adequate training on a regular basis, in relation to cyber security and the threats they could encounter. The effectiveness of the training should be tested on a periodic basis such as through testing employee reactions to simulated cyber-attack scenarios. The results of such tests must be used to further enhance the cyber security training of employees. All relevant employees must be informed on the current cyber security breaches and threats.