Building a Cybersecurity Culture: Training Employees to Be the First Line of Defense