If you have worked in IT Security for a while you will probably have heard the old saying;
"You don't have to outrun the bear you only have to outrun the other bloke"1
I've heard it several times and it annoys me because it's almost always used to defend doing a half-baked job of something. Things like using WEP because the neighbour's WiFi is unsecured.
Now I would never say things need to be perfect you're better off with something that works and is good than waiting for the perfect solution to be built. But if you're going to do something you should at least try to do things properly.
You should at the very least try to outrun the bear.
Or some variation on the theme. The one I originally heard was "the tiger" which I think sounds better, but Google suggest that "the bear" is more popular. ↩