A while back I made a post on “One Way Hash” Arguments, a term coined by Julian Sanchez in his excellent post on Climate Change and Argumentative Fallacies . The context of Sanchez’s post is a discussion about the difficulties of refuting false arguments concerning the state of climate change. From my post
Often business has the “snappy intuitively appealing arguments without obvious problems” – plus Excel – while if the security practitioner objects, then by contrast, the “rebuttal may require explaining a whole series of preliminary concepts before it’s really possible to explain why the talking point (i.e. business case) is wrong”. Snappy and plausible usually wins out over lengthy, detailed and correct. There is asymmetry at work here, a “one way hash” argument, and security people have ended up with the hard inversion problem.
So often security arguments are being shot down by business people. Michael Iva has a great presentation on the lines used to shoot down ideas, in fact 100 of them. I expect quite a few will be familiar to you.