Knowledge is power, time is money, so ....

Borrowing from physics: The integral of power over time defines the work performed. Which is a long way to go in order to say: If you put your knowledge to work, you save (or make) money during that time. In this case, knowledge of how to handle basic security situations, put into the hands of your staff and put to use will save LOTS of time and money down the road. This company http://www.knowbe4.com/ takes the (sadly) unusual (in the IT world) step addressing the root cause of many i not most security breeches. The average worker's lack of knowledge. How many times has someone held the door for your in a place that requires swipe cards to get in? Or buzzed you into a building without asking who you are and why your there? That person is being nice and completely undoing any security usefulness of a very expensive lock. That person probably thinks they are doing nothing egregious, and depending on the location and time it likely is harmless..... right up until its not. If that person knew the math and the consequences, they probably wouldn't be so "nice". They would probably understand that this act of kindness to a stranger is misplaced and in many ways an act of sabotage to their building or office. KnowBe4 works with staff to train them in how to think about security, to avoid phishing scams and even spear phishing attacks. I have not had the opportunity to work with them, as they are outside my current budget, but I have had long conversations with their sales people and engineers. I am impressed with the approach and track record. Check them out.