Re: Experimental data
> Let the world hope that you're not in security, since you clearly lack any understanding of it.
Lack understanding - hardly. Because asking for a considered and quantifiable measure of risk and downside is such a bad thing?
At least with that information people would be able to make a proper assessment of the threats they face and hence to apply the correct amount of effort. Instead of employing Wild Assed Guesses that either address the wrong issues, fail to resource their security teams correctly or even learn how to identify a real threat from ignorant media jibberings.
You never know, the next step might even lead to fact-based professionalism.