The article discusses a debate within cybersecurity on whether the industry behaves like a cult, with rigid adherence to frameworks like NIST and ISO seen as dogmatic rituals rather than practical tools. Experts argue that while frameworks provide useful guidance, over-reliance on them can hinder adaptability and critical thinking, leading to ineffective security practices driven by compliance and profit rather than real risk management and improvement.