Security professionals also do things that unwittingly introduce risks and compromise enterprise security. Here’s a look at six self-defeating behaviors you should avoid: Downloading tools that introduce risk, misconfiguring technology and patching reactively. Investing in detection vs. prevention and paying ransoms can also be a bad investment decision, says Palo Alto Networks’ vice president and CISO. Paying ransom is “a ridiculous way to deal and puts incentives in the wrong hands,” he says.”]