The gap between what the risk register records and what the attacker exploits is not a failure of people — it is a failure of design
It Can Be Managed
The gap between what the risk register records and what the attacker exploits is not a failure of people — it is a failure of design