A gang of eight is now in custody, after one of them pretended to be an IT engineer and hooked a KVM switch onto a bank computer to siphon off the funds.
Malware rarely gets into your network without some sort of tell-tale signs beforehand.
Learning to spot the metaphorical smoke that precedes the fire of a malware infection is a handy metaphor for keeping your network safe.
Should they be held accountable for their scam-email-opening ways? Should we tell them off at assessment time, brand them with a mark of shame, or, just maybe, a third option: invest a bit more in decent security training?