Absolutely right, Jeff. There is a habit of secrecy that inhibits security folk talking to each other about their threat research. At least that’s the case in the UK and it’s a mistake. The really bad guys don’t need us to tell them the threats – they are constantly devising new ones, often before we realise it. If we talked more, if we could somehow have water-cooler discussions, we’d have a better chance of anticipating bad surprises. We shouldn’t divulge our vulnerabilities, but we can share our threats and even our protective measures. Visible policing is a deterrent: likewise overt security measures can be a deterrent to attackers.