Sometimes, security protection needs reinforcement to avoid deterioration of effectiveness over time.
This can easily be visualized in real world. Screws are used to tighten the wheels. Multiple screws are used for resilience. You add further clamp on to limit the screws from spin off.
In dealing with cyber protection, the easiest deteriorating stack is the human factor. You have policy published and communicated. You still need to reinforce the situation awareness to bring back attention.
An example is the phishing email. It is the common cyber attack vector resulting into infect ransomware to hijack all systems, install backdoor to corporate network, infiltrate sensitive information etc.
Other than regular communication, launch phishing test campaign to validate how many in the organization will fall into the trap. Through repeated exercise, the awareness to combat against phishing attack will be reinforced.