One of my favorite security bloggers is Gunnar Peterson, who writes a blog called 1 Raindrop.
He just put up a great post on how strange InfoSec that’s worth a read. He talks about these problems in the information security field.
Cost ignorance
Not needing credentials
Results don’t matter
Poorly taught in school
Important but ignored
[ InfoSec is a Strange Industry ]
If you follow InfoSec thought leaders, I recommend adding Gunnar to your list.