The people that understand the risks generally don't represent a problem, but the people that don't understand them often also don't benefit from an explanation in a way that would change their behavior.
And in the corporate world there is the problem of status. People higher on the hierarchy do not like being told that they cannot do something by people lower on the hierarchy.
And if something goes wrong then it is YOUR fault because "security" was YOUR responsibility.
Computers are not magic, but many people believe that they are.
The problem there is that software has all the problems of a magical system. If you do A, B and C and then expect D to happen ... maybe it will, maybe it won't. Had you previously done X, Y or Z without rebooting?
There was a CAD program that had a problem with memory fragmentation. Even if you closed the previous files, eventually you ran out of contiguous memory and then your computer would complain about "issues" when you tried to open a file larger than your available contiguous memory. So first thing in the morning everything was fine. But around lunchtime things got weird. And the weirdness wasn't evenly distributed. On Monday, Alice would have a problem but Bob would work fine. On Tuesday Bob would have a problem but Alice would be fine. Etc. .....
And that was a problem that I could diagnose. There are hundreds more where all I can say is "perform the rite of reboot" and only open the app you have trouble with right now and let me know if it's still having trouble my god what are all those apps that are loading on start-up.