b"Acquiring information security wares gets more complicated every day - some 1,000 vendors offer 150 categories of products - so it's unreasonable to expect even the most informed chief information security officers to know everything about them."