Measure twice, cut once: sound advice for infosec, toosecurityskeptic.typepad.com1 pointgapanalysis13 years ago