IT security pros admit they’ve often looked the enemy in the eye only to find themselves staring back in the mirror. A recent unscientific and informal poll CSOonline conducted over social networks as Twitter and LinkedIn. The reasons range from underdeveloped patch management systems to the simple belief that fast patching isn’t the imperative. Security pros are often guilty of giving themselves exemptions in the firewall/Web proxy/content filter. One security expert admitted he has run several development and test systems without an active firewall or antivirus out of necessity.”]
Source: https://www.csoonline.com/article/2124352/7-ways-security-pros-don-t-practice-what-they-preach.html