That approach won't let security providers meet their growth targets, so they have to pretend all risks are huge and no salve but their own is enough. Well, companies have to meet growth targets, too, so their employees need to focus on getting the work done efficiently and effectively.
If you force employees to choose between productivity and security, you deserve the inevitable result: a security problem at some point or a productivity problem. And if you force employees to choose between productivity and security, you're the problem that needs to be fixed. You don't do that by buying a product.
Sign up for CIO Asia eNewsletters.