So, I was reading some survey and came across this bizarre, mind-boggling (maybe even 'mind-numbing?') picture:
How can security be THAT disconnected from risk? Can somebody explain this to me? (Please don't explain by stating "crappy survey methodology" - I can pull this one myself, thank you very much :-))
Mr Hoff, can you help here? :-)
UPDATE: I have a full PDF of the report; can email if interested!
UPDATE2: a lot of fun discussion inspired by this post is here.
UPDATE3: more discussion here where the model "(strategic = risk) vs. (tactical = security)" is used.