Well, I thought everyone has seen this announcement already - but I'm wrong! 😉
Because of too many questions, here it is again:
Your last line of defense is: Well, the user. In order to help you to address this, we published a Security Awareness Kit - pretty cool stuff. You can get it here:http://www.microsoft.com/technet/security/understanding/awareness.mspx
In February the Microsoft Security Awareness Toolkit was launched at RSA. The toolkit helps our enterprise and upper mid market customers address their last line of defense with resources to implement comprehensive security awareness and training programs. The increase of attacks that target human vulnerability is driving our customers to recognize the importance of security awareness in their overall security strategy. The latest CSI/FBI Computer Crime and Security Survey indicated that 43% of respondents view user awareness training and education as the most critical security issue in their organization. Also our own spy net data indicates that more than 35% of cleaned malware is related to social engineering attacks.
IT security decision-makers and implementers are often asked to develop and deploy a security awareness program in addition to their current responsibilities. These IT managers quickly begin to realize that effective security awareness programs require a considerable amount of planning, content, and integration with the business and they often fall back to their day to day responsibilities of managing a secure infrastructure. Consequently, security awareness programs are often overlooked or incomplete.