• Cyber Safety
  • Posts
  • “Security Theater: Controls That Look Good, Do Little”

“Security Theater: Controls That Look Good, Do Little”

December 30, 2025

In partnership with

Introducing the first AI-native CRM

Connect your email, and you’ll instantly get a CRM with enriched customer insights and a platform that grows with your business.

With AI at the core, Attio lets you:

  • Prospect and route leads with research agents

  • Get real-time insights during customer calls

  • Build powerful automations for your complex workflows

Join industry leaders like Granola, Taskrabbit, Flatfile and more.

Compliance Checklists Replace Real Risk Management

Teams pass audits by ticking boxes — not by improving posture. Controls exist on paper, not in practice. Compliance becomes the goal, not security.

MFA That’s Easy to Bypass Is Just Optics

Push-based MFA with no context or timeout gets spammed. Users approve without thinking. Attackers exploit fatigue, and defenses become rituals — not barriers.

Encryption Exists, But Keys Are Poorly Managed

Data at rest is “encrypted” — but keys are stored alongside it, or shared loosely. The appearance of security masks operational weakness. Encryption isn’t security without governance.

Build real AI and tech skills, faster

Udacity helps you build the AI and tech skills employers need—fast. Learn from industry experts through hands-on, real-world projects in flexible, fully online courses. From AI and machine learning to data, programming, and cloud, gain practical skills you can apply immediately and use to move your career forward.

DLP Rules Exist, But Don’t Prevent Exfiltration

Data Loss Prevention tools flag actions — but don’t stop them. Rules generate alerts no one reads. Data walks out while dashboards glow green.

Security Training Is Treated Like a One-Time Event

Annual training videos satisfy policy — but do little to shift culture. Real awareness is continuous, contextual, and engaging. One-time slides don’t build resilience.

Locked Doors Hide Open Windows

Teams invest in firewalls, EDR, and PAM — but leave exposed APIs, S3 buckets, and misconfigured SaaS. The controls that get budget aren’t always the ones that block attackers.

Learn AI in 5 minutes a day

What’s the secret to staying ahead of the curve in the world of AI? Information. Luckily, you can join 1,000,000+ early adopters reading The Rundown AI — the free newsletter that makes you smarter on AI with just a 5-minute read per day.