Organizations didn’t inflict this on themselves. The proliferation of vendors and products, driven by overwhelming need and a growing security economy, has created a wide diversity of approaches to solving various security problems. In seeking to find a novel, often information-centric angle, however,many of these solutions have inadvertently created new challenges and failed to improve security.