Stickers OK, education, not so much
I am warming to the idea that the layperson, to use the OA's qualifier, is not the person to explain security to. If an entire generation of people could not learn to set the time on their VCRs (slightly exaggerated, I know), it is unreasonable to expect their offspring to understand the stakes in our security-lacking world of today.
Security needs a major shift into companies baking the security into their products and making it easy to use despite the user's cluelessness. Not an easy task given the lack of security awareness in companies at this point in time, but one that will become feasible after enough finger-pointing and IoT-based DDoS attacks.
So we're basically going towards a more security-friendly world one DDoS at a time.