This light talk will try to address the "unaskable" question "will best practices make use more secure?" in a light and entertaining manner. Will a strong password policy result in stronger passwords? When are there too many admins on the system? In good cop/bad cop style Frank Breedijk and Ian Southam will address this topic from the firm believe that IT Security should actually make IT more secure.
As obvious as that statement seems, security measures often do not achieve this goal but sometimes hurt it. E.g. enforcing "very strong" password policies will often result in people not being able to remember their passwords and writing them down, or reverting to passwords like Password01, Password02, etc. In the process the hope to plant the seed for some of the serious self reflection that is required from the IT Security industry.