"We have found that a lot of companies spend a lot of money and time building a strong, secure infrastructure, but they don't spend much time on securing their people. They're not trained on what to look for, at a time when hackers are getting more sophisticated," says Snapp, president of RocketReady, a Tampa company that offers readiness testing in addition to other services and products.

RocketReady's employees use the same techniques that malicious hackers use to gain information and access to a company's IT infrastructure and the data it contains.

They gather information from readily available sources, such as a company's Web site. They then pose as customers, potential clients, representatives of partner companies, travel agents and even employees to get specific details, such as employee ID numbers and acronyms used only by company workers, that will help them in their attacks.

Baird doesn't want T2 employees to fall prey to scams. Since Rocket-Ready showed him how easily it could spoof Caller ID, Baird has upped company-sponsored training on this issue and now requires staffers to take annual courses on the topic.