The people who handle breaches all day may be the worst at protecting themselves. Feeling invulnerable is what lets us function around constant threat, the way it lets doctors work around disease. Warnings about our own risk rarely stick.
https://zeltser.com/illusion-of-invulnerability
zeltser.com
Healthcare workers wash hands more often when signs emphasize protecting patients rather than themselves, because people overestimate their own invulnerability but not others'. Security messaging may be more effective when highlighting risks to customers or colleagues rather than to the individuals
