This isn't part of my job here at my company but it does become part of my job if our sites are infected due to a comprimised network.
How do you control what employees do in their email system? Is it suggested we do a security teaching training to make them aware what not to do?
This has gotten so serious I am searching for what we as a company should begin doing.
Maybe a weekly meeting say 20 minutes on internet security just to keep their guard up and not let them forget it is an everyday war.