An interesting article here:
I was very pleased to see that Tony Neate was highlighting the virtues of providing security awareness training to help organisational users improve their own, personal online security. I have been using this strategy for several years now and I have found attendence is improved and audiences are more attentive and retain more information.
The only section of the organisation I have found to be resistant to security awareness training tends to be the IT support section but since I work closely with them, I am given the opportunity to point out where they are breaching security and why it is a Bad Idea. I think they hate me.