Re: over-reliance on traditional security measures, such as licensed and updating antivirus.
This is quite a big problem everywhere. Too many organizations think that security boils down to having a basic packet filter as a firewall and antivirus. They think that they can escape the cost of a well trained IT team by paying 30-50$/year per seat on antivirus. I would actually say that I would much rather have an extremely well set up active directory infrastructure with an extremely well configured GPO and run no antivirus than the other way around.
Too many users in too many organizations are given too many privileges on their PC's and that's where all the problems start.