How much security is enough?

Discussion in 'other anti-malware software' started by guest, Jan 9, 2023.

  1. guest

    guest Guest

    By Sergey Soldatov - January 9, 2023
     
  2. Bill_Bright

    Bill_Bright Registered Member

    Joined: Jun 29, 2007
    Posts: 4,042
    Location: Nebraska, USA

    I think if that is what he really meant to say, and if he believes that, then the man is out of touch with reality. Enough security is critical - no argument. Too much security will bog system resources down and hinder productivity and often fail to make us safer or more secure.

    If we have security lights, alarm systems, window locks, a regular door lock and a dead bolt door lock, and a rottweiler protecting our home, will adding yet another dead bolt door lock make us safer from a determined intruder?

    As someone who worked within the infosec community for over 4 decades, I find it disturbing the word "training" is not mentioned once in that article. The user is, was, and always will be the weakest link in security, and yet he doesn't mention user training once! :( Perhaps that should be expected from someone who makes his living working for a company that sells security software.

    If one takes a moment to study the causes for nearly every network breach that ever happened, and nearly every personal computer that's been compromised, most, by a vast majority, happened because someone clicked on an unsolicited link and let the bad guy in. To add insult to injury, in many of those cases (Equifax is a great example), the bad guy was successful because the IT and security managers (including the C-Level execs) failed to do their jobs!

    In the Equifax case, the IT and security managers received the necessary patch to seal the vulnerability nearly 6 months before the breach occurred - they just didn't bother installing it. :mad: The result? Over 160 million American, British and Canadian users' personal information was compromised. :mad::mad:

    If users (including - perhaps "especially" the IT personnel) were properly trained to keep their systems (and security) current, and to avoid being click-happy on unsolicited links, being a hacker/bad guy would not be such a lucrative and rewarding occupation.

    Of course, one has to wonder what financial incentive that author and his company have to rid the world of security threats in the first place. :rolleyes:
     