I think the IT Security world has or will need to start a shift from reactive security to proactive training for ALL staff. The entire population needs to know how to identify malware threats to cut down on this kind of stuff.
P.S. - if it wasn't stated clearly in this article, nearly all (or all?) side-channel attacks need some form of malware to compromise the computer to gain access to the data. This means training people to identify the threats instead of relying on anti-virus suites for zero day threats.
I think part of the issue is even the companies that do train their more "general" employees on good cybersecurity practices, most people just shrug it off as another "check-in-the-box corporate training session" and just want to get on with their day, or it's "not my problem", or "we won't get hacked", or any excuse really.
The average employee isn't going to care that much to know about good cybersecurity practices. Does that mean companies should just give up and not bother? No, but until everyone from the IT staff and dedicated cybersecurity professionals in the organization, down to the guy in the mail room, gives a crap, the biggest threat will continue to be the inside threat.