This is the first in a series of stories on the most important security issues facing the enterprise. “As a rule, men worry more about what they can’t see than what they can.” Worrying almost seems to define the job of the CSO and CISO. The security chief is the corporate standard bearer for risk management in a world fraught with technical and human error, with hackers potentially lurking within and without. When asked what they worry about, CSOs and CISOs cite regulatory compliance and security controls overlooked in IT projects. Some acknowledge a general angst that simply boils down to the great unknown of system-wide chaos. But are security pros worrying about the right things? When asked this, many independent observers — former CSOs or consultants working with CSOs — offer a different perspective.