Security within Enterprises is complex and challenging. Enterprises today are vulnerable to sophisticated cyber-attacks and are poorly equipped to deal with the ever growing threats. Whilst there are many types of security models to reference, their application and use has been largely ineffectual. This paper deals with changing how Enterprises and security specialist should think and deal with security in dynamic and complex Enterprises.