This is at odds with basically every major security incident postmortem in recent history.

Most security failures happen when people wait to take something seriously until it is “very clear” that something is wrong.

We have the luxury of hindsight while reading this article but listen to the tapes of any security failures and you’ll find it painfully obvious that the most common issue is that people don’t do anything until it’s too late.