The insanity of security – a series of queries!

Whether you attribute this quote to Rita Mae Brown or Albert Einstein, it’s out there and it sums up a lot of security practices: “Insanity: doing the same thing over and over again and expecting different results.”

1. Why are the same threat mitigation strategies implemented time and time again with similar (and often highly public) failures?

2. Is this a factor of the cyclical nature of organisations, governance, risk and compliance processes?

3. Is this a factor of vendor fear, uncertainty and doubt built around their product marketing, development and release cycle? “There’s an upgrade/update for that just around the corner … bear with us.”

4. Is this a factor of lazy security practitioners following the flock of sheep and not risking running with the pack of wolves?

5. How does law enforcement keep up with, or ahead of, criminals in the real world? Why can’t we/they do the same in the digital world? Are physical crimes a priority over electronic crimes (or are we stuck in tradition)?

6. What is greater: a) “selling” security to the business, or b) fear of mitigating a potential security breach in the media?


Share with us some positive experiences where the above is the exception not the norm.

This article is brought to you by Enex TestLab, content directors for CSO Australia.
