As an industry we try to lump all security into one bucket and solve all problems. Security isnt one bucket, its a lot of different things, I have a feeling trying to put everything together is a big part of our problems. A lot of security teams and people try to be barber-physicians which is going to end badly for most patients. The problems and needs for securing a desktop have very little in common with how to develop secure code. The two biggest things that one could do to improve security are using a password manager and enabling two factor authentication.”]
Source: https://www.csoonline.com/article/3269077/the-immature-security-industry.html