Very often, however—both in the world of computer security and elsewhere—leaders don’t talk to anyone before making decisions, even when they have specialists right at their fingertips.
Case in point: The consulting firm PricewaterhouseCoopers (PwC) once purchased a startup encryption company and announced the acquisition at a conference. Several PwC staff had been encryption experts at the top-secret National Security Agency; apparently, none was consulted.
Around that time, Schneier wrote a column critiquing the encryption firm’s product.
PwC lost its investment within a few months.
—Adapted from the blog Schneier on Security, and Secrets and Lies: Digital Security in a Networked World, Bruce Schneier, Wiley.