Everyday information security
There is a general belief by end-users and executives that most information security incidents contain a level of extraordinary activity and usually do not occur during a typical work week. The thought is that security events against a corporation are few and far between, so the resources spent on protecting against potential incidents do not provide a good return on investment. The security industry has countered by spending significant time in showing the value of protective investments in hopes of altering the belief that security does not equate to an effective ROI.