Security is both a feeling and a reality. You can feel secure without actually being secure, and you can be secure even though you don’t feel secure. In the industry, we tend to discount the feeling in favor of the reality, but the difference between the two is important. It explains why we have so much security theater that doesn’t work, and why so many smart security solutions go unimplemented. Several different fields — behavioral economics, the psychology of decision making, evolutionary biology — shed light on how we perceive security, risk, and cost. Learn how perception of risk matters and, perhaps more importantly, learn how to design security systems that will actually get used.