How many of those USB drives are secure -- that is, how many of the USB drives were purchased with pre-installed anti-malware tools?
Chances are, not many.
The ubiquity, convenience and affordability of USB drives have driven their acceptance as perhaps the de facto transport medium. They don't cost much -- and sometimes are given away for free -- and offer plenty of capacity in very tiny packages.
That capacity, of course, can hold malware as well as legitimate data, and plenty of USB drives are delivering plenty of auto-run worms and other malware to business (and probably even more to homes).
The threat vector represented by USB drives is well-established, and well-exploited. Indeed, not long ago, IBM gave away USB drives at a computer security conference, only to discover later that the freebie drives were infected.
If you want a good idea of just how little thought people give to putting even unfamiliar USB drives into business computers, take a look at Scott Wright's Honey Stick Project where specially configured USBs were left lying around near business to see what happened when employees came across them.
You can guess what happened: The drives were picked up, and a substantial number of them inserted into company devices.
Secure USB drives cost a little more, sure -- but the cost of permitting your employees to attach unsecured devices to your network can be far, far higher.
Time to insist that any USB drive used at work be a secure drive.