As for teaching security in schools, that would be a waste of time. I heard about one school that went through and designed the whole security system so students would not have admin rights on the PC's and all the rest. It only took 48 hours after the schools opened for the year for the security system to crumble from the students hacking it.

I also read an article that banks would hire a security company to do an audit of their branches. The four guys showed up in fireman's blues in a plain white van, come in and say we're doing a yearly fire/safety inspection. When they left their was a tap on several keyboard wires, a USB plugged in that had spyware loaded on it and the server had a floppy in it that had a virus on it, and was setup to accept RDP sessions from anywhere on the internet.

So it isn't just remote hackers that you need to be worried about.