Information security is a hard practice. When nothing happens, it's a good day. Attackers only have to hit the jackpot once in order to be successful. Security professionals have to be right every time. No wonder most practitioners continue searching for the "silver bullet," which makes all of the angst and risk go away.