If the multiple defenses that we set up to keep our networks secure is looked at as a chain, the end-user is often the weak link. And the reason for that isn’t that users are stupid, or malicious, or don’t care about security. More often than not, it’s a lack of education. This article looks at how proper training can go a long way toward addressing the people aspect of our security problems.
http://www.securityweek.com/security-people-problem-training-solution