I totally agree with Mich on this one. Internet security(or insecurity) is at very best blamed on uneducated users who fall prey of pretty obvious scams. Social Engineering is what its called and i believe this is even extended to our offices and workplaces. If you have noticed, most establishments have taken necessary steps to curb perpetrators by "installing" necessary security mechanisms and also survenrance cams. Now what they dont know is that to an educated and sly intruder he will no go in bradishing a gun or whatever weaponary but will be abit subtle. Actin like a lost user, confused visitor while all the time the guards assist him/her into the bellows of the building. Other techniques like tail-gating through secure entrances have been witnessed in our offices and this gives a lee way to intruders who may not be tech-savvy . In my opinion, i think user-education on the need to identify potential threats and also how to thwart them is what it takes to take a step towards securing our Intellectual Property, Data centers etc etc.