Look, I hate it when exhibitors wander into the pressroom and steal our Danishes and fruit, but with everything else going on, this security resource could have been better used elsewhere. Lesson: This stuff is expensive, use it wisely.

This definately applies to computer security as well. Often companies spend far too much time and money trying to perfect one aspect of their security only to leave another area wide open.

Bruce Schneier wrote an excellent article on attack trees that covers this concept very well. From the article:

Attack trees provide a formal, methodical way of describing the security of systems, based on varying attacks. Basically, you represent attacks against a system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes.

The complete article is here. Enjoy :)