A Different Model for Security Teams
There is, in my experience, a certain mindset among some information security professionals. They see themselves as the keepers of arcane knowledge, duty bound to hold the cyber-line, the last thing standing between common application developers and complete pwnage. They're the few, the proud, the ones who can shut it all down in the name of security. I'm not sure if it's a side effect of that field's association with the [“intelligence community”] or mere self importance; every profession has its foibles.
Unfortunately, apart from the usual objections to cops and special forces, I think that the metaphor leads to some dysfunctional tendencies in structure and strategy.