Human beings are poor judges of risk. For example, we perceive the risk of air travel to be higher than it actually is after a fatal aviation-related accident happens.
We also tend to dismiss risks just because we don’t see a tangible negative impact right away. This is, for example, what prevents many from making dental hygiene a priority: we all know dental hygiene is critical to our health and a relatively easy “investment”, but when nothing bad happens immediately after skipping teeth brushing once, many stop being regular about it.
“It is hard or impossible to predict just how many times of skipping a good brushing it takes to get you in trouble with tooth pain, so we tend to take on more risk until we end up getting toothache and regret not investing enough on preventing organizations making pragmatic security decisions security
