I guess I should start a collection of deeply obvious and thus near-idiotic things that [fake] "security experts" like to proclaim.
Here is one highlighted by Fred Avolio's Musings: Removable media in the workplace can become a security timebomb. Wow, what a revelation!
The second was from the ISSA Journal; it was a paper on DoS attacks written under the theme of "don't underestimate DoS" :-) Oh, really? I thought the proper response to DoS is to look the other way :-)
I am just waiting to log more of this type of writing, such as that "viruses are bad", "attacks will continue", "security is a problem", etc.