There are a lot of questions on Sec.SE that are duplicates, or, at least: near duplicates.
For example, this question has a lot of attention, and no mention of duplicates. Although it's similar to this much older question and I expect many other similar questions have been asked. A common theme is also seen in this question, where the question has some particular twist that makes it not-quite-a-dupe.
I think the problem is a bit deeper than people not bothering to look for duplicates. It's hard to find duplicates using search, because people don't always use search-friendly keywords. e.g. a search for "responsible disclosure" does not match "how do i report a vulnerability?" And when you do find duplicates, often the answers are only moderate quality, that doesn't answer all the nuances of the subject.
If we really wanted to fix this, we could work harder to create canonical questions with great answers, and tags that help them show up in searches. We could then more aggressively mark near-dupes as duplicates, potentially even editing the answers to cover the near-dupe questions. This would greatly improve the mission of letting people find good answers in web searches.
Maybe this is something that people don't mind. It's not necessarily a bad thing to have duplicate questions on the site. And you get more rep from a couple of upvotes on a dupe answer than you do for a close vote. But general Stack Exchange policy is to close duplicates, and we should really follow that.