Skepticism, esp. about Security and FUD, is only good IMHO. I’ve been through the same thing – wondering if “data leakage” prevention devices were really a revolutionary new technology or just hype (after all, this data’s been flowing for years now, how many incidents can this investment really be stopping), if the investment for encryption at rest is really worth it, etc…

At the end of the day, it took really understanding risk reduction for me to get centered. I went from “protect everything with every dollar available” to “we haven’t been bit yet, chances are I’m not going to be the first to get hit, so I’ll just wait for the technology to mature”.