An effective employee cybersecurity program does not start or end with a single training session. To combat evolving threats, companies need to establish ongoing communications with employees and continuously evaluate their training program. In this final article in our three-part series on the topic, outside counsel, consultants, and in-house experts provide actionable insight and recommendations on how companies should follow up after the initial training. They also address the challenges of establishing an employee cybersecurity training program and how to handle training when dealing with third-party vendors. Part one of the series discussed tailoring policies and training to the type of company and universe of employees and part two highlighted ten important topics to cover during training, as well strategies for engaging employees and getting the message across. See also “Strategies for Preventing and Handling Cybersecurity Threats From Employees” (Apr. 8, 2015).