one of the main reasons Security community has hard time securing “stuff”, is lack of understanding of Hackers community.
without knowing motives, the motivations behind breaking into computer systems, and deep knowledge of hacking and cracking techniques, securing a system is pointless.
results are telling us every single day that we are not doing the right things to secure computer systems. security gurus do not identify root causes and they have literally no idea of what is happening at the same time with hackers gurus.
the way security community is “trying” to secure cyber is similar to spreading bunch of seeds in woods and go next month to check if anything has been germinated. of course some of those seeds “may” germinate but that is not the right way of planting.
we do something today without any context, with misunderstanding of exploits, no idea of motivations, completely ignoring or not understanding hackers technique, then a month later we want to validate the results. unorganized and irrational, and then we are surprised why ransomware is rocketing.