>Systems may be especially vulnerable when rare conditions occur. In the event of a museum fire, who is making sure no one steals the artwork? If everyone is outside watching the prime minister driving by in a motorcade, who is paying attention to a store’s cash register? In preindustrial England, public hangings were prime work time for pickpockets, as weddings and funerals still are for burglars. In 1985, days after a volcanic eruption buried the town of Armero in Colombia, a pair of residents came back with picks and shovels and proceeded to rob the bank.
>Rarity is also often a cause of active failures. A friend installed a burglar alarm system in his home. The alarm was wired into the burglar alarm company’s switchboard; when it went off, the company was automatically alerted, and then it would call the police. My friend had a secret code that he could use to call the alarm company and register a false alarm (the police didn’t want to send a squad car out whenever someone accidentally tripped the alarm and caused a active failure). He also had a second secret code, a duress code, which meant: There is a gun being held to my head, and I am being forced to call you and claim that this is a false alarm. It isn’t. Help!
...
>When a security event occurs regularly, people become experienced and know what to do. If the event happens only once every few years, there could be an entire office staff that has never seen it. Staff members might have no idea what to do. They might ignore anomalies, thinking they are just system problems and not security incidents.
>This is why we all went through fire drills in primary school. We practiced failure conditions, both so we would be prepared for what happened and as a constant reminder that the failure could occur. It’s the same with airplanes. When oxygen masks drop from the ceiling, we don’t want the passengers glancing up from their novels, wondering what those silly things are, and then going back to their books. Nor do we want a nuclear power plant operator wondering what a flashing red light means because he’s never seen it before. Both training and practice are essential because real attacks are so rare.