Security Trade-offs Are Subjective:
Risk assessment is subjective.
People's basic desires and values are subjective, so security decisions are ultimately based on personal judgments.

Extreme trade-offs are easy:
Protect yourself from credit card fraud by never using a credit card.
Prevent yourself from getting Mad Cow Disease by never eating meat products.
Prevent terrorists from boarding planes by grounding all planes.

Swiss door locks on homes are secure and hard to pick. The lock has a key that can't be easily duplicated with common equipment; it can only be duplicated by the lock manufacturer at the written request of the property owner. As a result, many Swiss families have only one or two house keys.

Most shoplifting takes place in fitting rooms. If the fitting rooms were removed, the resulting decrease in profits from sales would be greater than the cost of the shoplifting.

Threat: A potential way an attacker can attack a system.
Risk: The likelihood of a threat combined with the seriousness of a successful attack.
Risk management: Figuring out which attacks are worth worrying about and which ones can be ignored.
"Threat determines the risks, and the risks determine the countermeasures."

Different people and organizations have different tolerances for risk and make different value judgments about it. Because of this, security is subjective and will differ from person to person, as each one determines their own risk and evaluates the trade-offs of different countermeasures.

Perceived risk vs. actual risk:
1. People exaggerate dramatic but rare risks and downplay common risks. We worry more about earthquakes, terrorism, and kidnappers than about slipping in our own bathroom.
2. People have trouble estimating risks for anything outside their normal experience.
3. Personified risks are seen as greater than anonymous risks.
4. People underestimate risks they take willingly and overestimate risks they can't control.
5. People overestimate risks that are publicized.
Technology advances rapidly and is becoming more complicated and specialized, so it has become impossible for a normal person to learn everything they need to know about all the risks.
"Because we do not understand the risks, we make bad security trade-offs."
If trade-offs were purely subjective, there would be no such thing as a bad trade-off, only a trade-off perceived as bad by someone. Security policy is based on the agendas of the major players.