Nowadays, we are witnessing a constant increase of cybersecurity-related threats and dangers. New trends such as monetization of attacks, their virulent propagation through social media channels, the abusive collection of data through interconnected smart things, with little concern for the privacy of the user, are expressed by the important security solutions providers around the world. In addition, the academic literature presents numerous real and proof-of-concept attacks and security problems that have a considerable impact in various domains. On the other side of the story, the organizations usually ignore privacy and security concerns, and there is a very low level of awareness regarding these issues. The need for related training programmes and educational curricula in this area remains almost unanswered. In this context, the paper analyses the security measures applied in contemporary organizations with the purpose of raising employees’ cybersecurity awareness and discusses their effectiveness, using a sample of 25 small and medium Romanian enterprises, with the intention to identify the current and to propose future viable solutions for raising awareness and inducing ethical behaviour among employees.