When it comes to information security, there are a lot of "misperceptions" and "exaggerations" about both the threats facing businesses and the technologies that might be used to protect their important data assets, according to Gartner analyst Jay Heiser. These false assumptions all add up to "security myths" that have gained wide credence among security pros, the employees they're trying to protect from data loss, and the business managers apt to blame chief information security officers (CISO) for breaches and other mishaps.