Is not intrinsically a technical issue, it is a people issue. No amount of technical solution can mitigate blind trust (e.g. Social engineering)
I disagree with abandoning the classification of "user". To me it denotes productivity versus maintenance of tech. At times I am a user and that delineates both limited security exposure and greater knowledge of applications. When I'm IT I have to be very careful because of greater power and risk, but I'm often completely ignorant of how to be productive using specific apps/devices.
Keep Up with TechRepublic