Finance employees among least trained in cyber security