How secure are you from spear phishing attacks?

How easily am I tricked? I don't know, not too easily I hope. At least I have never been tricked on the internet. But don't we all think of yourselves that we are not easily tricked - and isn't it just a matter of how smart the trick is being made? You should ask yourself this interesting question as well.
I'm working in a small organization which I do not consider an easy target. Not so much because we work with IT and security, but more because I normally have a pretty good idea what I should expect to receive from my fellow workers. And again, as they normally write to me in Danish, that narrows it down as well (for the same reason most spam is easy to spot as it is in English). But those of you working in large and/or multi-national and/or high-profile organizations should read the "DoD Battles Spear Phishing" post by Robert Hersing. Robert asks this question -

So how would YOUR organization fair against a spear phishing attack
like the ones hitting the DoD?? Are your employees aware of the threats
posed by seemingly legitimate emails with seemingly 'innocent' / 'safe'
attachments?