I’ve been reading “The Art of Deception” by Kevin Mitnick & William L. Simon (ISBN 0-471-23712-4), which deals with the biggest security hole of all, The Human. In the book he lays out various social engineering scenarios (each using different tactics) and then goes through “Analyzing the Con”, showing what the con did and what the victim could or should have done to prevent the attack. Some of the scenarios he describes he actually carried out himself! As you read through the chapters, the stakes get higher and the methods of attack more advanced, and somewhere around Chapter 10 you realize that humans really are the weak link in security. No matter who you work for or how large your business is, I suggest you pick up this book and study it! At the end of the book, Mitnick gives sample security policies and other methods to avoid the social engineer.
From a personal perspective, I work as an 18-wheeler truck loader for a large shipping company. After reading this book I’m embarrassed at the security for my facility. But as a grunt man there isn’t much I can do about it aside from staying cautious on my own.