Episode 70

full
Published on:

30th Apr 2025

Security Gone Mad: The Fine Art of Overdoing It

Welcome to Razorwire, the podcast that challenges conventional thinking about cybersecurity with insight, humour and a dose of reality.

In this brilliantly unfiltered episode, we're joined by security professionals Iain Pye and Chris Dawson for a no-holds-barred discussion about security measures that cross the line from prudent to preposterous. From biometric authentication dilemmas to the maddening theatre of airport security, our experts dissect the fine balance between protecting assets and actually getting things done.

Listen as Chris and Iain lock horns on what constitutes "reasonable" security, with Chris arguing for Fort Knox-level protection while Iain advocates for practicality, whilst your host Jim attempts to referee. Their real-world examples of security absurdity, including trapping thieves in revolving doors and putting warning signs in car parks, will have you nodding in recognition or shaking your head in disbelief.

Whether you're a battle-scarred security professional or maybe just someone who's stood impatiently in endless security queues wondering why your belt buckle is suddenly a threat to national security, this conversation offers both genuine insight and proper laughs about the sometimes bizarre world of overzealous security controls.

Tune in for a refreshingly honest chat that feels like overhearing three security experts having a pint down the pub whilst debating the madness that sometimes defines our industry.

3 Key Talking Points:

The Security vs Practicality Tightrope

Listen as our experts dissect the eternal balancing act between locked-down security and business functionality. When Chris boldly claims he'd implement "seven layers of security" for critical infrastructure while Iain argues for practicality, you'll gain valuable perspective on finding that sweet spot where protection doesn't become paralysis.

The Psychology Behind Security Resistance

Discover why people willingly hand over biometric data to tech giants yet baulk at the same requests from employers. Our conversation uncovers the fascinating psychological disconnect between consumer and corporate security acceptance, offering insights you can apply immediately to your own security implementation strategies.

Beyond Bureaucracy: When Risk Management Goes Wrong

Experience the painful yet hilarious reality of security bureaucracy gone mad, from needless warning signs in car parks to the absurdity of airport security theatre. You'll leave with a clearer understanding of how to champion meaningful security measures while avoiding the trap of controls that exist merely to tick compliance boxes.


"Information security professionals the world over, in various different cultures and various different parts of the world have had the words echoing through the halls: ‘Isn't that a bit much?’"

- James Rees, Razorthorn Security


Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen


In this episode, we covered the following topics:

  • Finding the Balance: Discover how to navigate the tension between robust security measures and practical business operations without alienating your colleagues
  • Biometric Backlash: Understand why people readily surrender their biometrics to tech giants but resist providing the same data to employers
  • Security Theatre: Learn to identify when security measures serve more as performance than protection, particularly in public spaces like airports
  • Risk Management Revelations: Gain insights into creating meaningful risk assessments that protect assets without drowning in needless bureaucracy
  • Human Behaviour: Recognise how "laziness" and resistance to security controls might actually signal poorly designed systems rather than difficult users
  • Security Culture: Explore how organisational risk culture directly impacts the effectiveness and acceptance of security measures
  • Physical vs Digital Controls: Compare approaches to security across both physical spaces (like data centres) and digital environments
  • Proportionate Response: Develop strategies for implementing security controls that match the actual threat level without overengineering solutions
  • Compliance vs Security: Distinguish between controls that genuinely protect your organisation and those that merely tick regulatory boxes
  • Security Stakeholder Management: Master the art of communicating security needs to business leaders without being dismissed as "overzealous"


Other episodes you'll enjoy

  • Security vs Privacy: The Ethics of Data Collection

YouTube: https://youtu.be/iIRv0qVXmWM 

Spotify: https://open.spotify.com/episode/0wbWKF9zyxkHMY5kKMZyx5 

  • The Business of Biometrics: Data Protection and Ethical Standards in Cyber Security

YouTube: https://youtu.be/eWfRalOk0E8 

Spotify: https://open.spotify.com/episode/1QJPHcVRkKIIht3zsJWqWq 


Connect with your host James Rees

Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cybersecurity professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.

If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.


Linkedin: Razorthorn Security

YouTube: Razorthorn Security

Twitter:   @RazorThornLTD

Website: www.razorthorn.com


All rights reserved. © Razorthorn Security LTD 2025

All Episodes Previous Episode

Listen for free

Show artwork for Razorwire Cyber Security

About the Podcast

Razorwire Cyber Security
Real conversations helping cybersecurity professionals sharpen their insights, strategy & leadership skills.
🔒 Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge.

Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends.

Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals committed to continuous improvement.

Each episode brings you actionable advice and real experiences from your host, James Rees — an information security specialist with over 25 years of experience — and from a range of respected guests across the cybersecurity industry. Together, we explore everything from technical strategies and compliance challenges to security culture, communication skills, and leadership development.

James Rees is the founder of Razorthorn Security, providing expert consultancy and testing services to a wide range of organisations, including many Fortune 500 companies. His practical, no-nonsense approach helps organisations manage cyber risks effectively while strengthening resilience.

The Razorwire podcast is designed for cybersecurity professionals who want to stay ahead, sharpen their skills, and confidently respond to the challenges of today's evolving threat landscape. We believe collaboration is key to stronger security — and Razorwire gives you the conversations that help you achieve it.

For more information about us, or if you have questions you'd like discussed on the show, email podcast@razorthorn.com or visit www.razorthorn.com.