In a stunning revelation that has left the cybersecurity world both baffled and mildly amused, a whopping 61% of security leaders admitted that their digital fortresses were breached not because they lacked tools but because they couldn’t decide which of their 43 cybersecurity gadgets to actually configure properly. It appears that the walls of these fortresses are resembling Swiss cheese, thanks to a symphony of unused features and settings as mysterious as the dark web.

Experts say the problem is not a lack of investment. Companies are buying security tools faster than techies buy the latest gadgets, yet manage to lose track of what’s doing what and why. “We have a tool for every kind of attack, including some that were made up just to sell more software,” said one anonymous security leader, adjusting his tinfoil hat. “It’s like an arms race, but with more buttons and less understanding.”

Organizations are finally starting to grasp that installing security controls without understanding their actual function is like hiring a security guard and never telling him which building to protect. In what some are calling a ‘radical move,’ businesses are now considering reading the manuals and conducting basic risk assessments. This wild approach, they hope, will one day lead to a world where having 43 different tools won’t mean 43 different ways to fail.