I’ve often used the word malfeasance when writing security papers but today I learned that many forms “feasance:
Nonfeasance is to ignore and take no indicated action – neglect.
Misfeasance is to take inappropriate action or give intentionally incorrect advice.
Malfeasance is hostile, aggressive action taken to injure the client’s interests.
All of these terms apply to Security Practice. To do nothing about your IT security means that you remain liable. To undertake the wrong actions doesn’t absolve liability and to fail to respond or prepare for aggressive action is also a liability.
I love these words. I’ll use them in my writing in the future.