Recent studies show many employees are simply not very engaged at work. Getting people to care about security, to be engaged in protecting corporate IT assets, is a tall order. Security programs must foster a sense of identification, commitment, and loyalty in regards to security. Security teams are constantly challenged to improve the priorities, behaviors, and decisions people make regarding information security. “You can’t patch stupid” may strike security professionals as funny, or even accurate, but the attitude is self-defeating in the end.”]
Source: https://www.csoonline.com/article/3084701/how-to-get-employees-security-engaged.html