The main problem is that most companies are still not spending anywhere near enough on cyber. Even the big boys(mostly because until they actually get hacked they have no idea how much value they have at risk and IMO gov fines for this are nowhere near big enough) like systemic banks are way behind where they really need to be.
The problem with cybersecurity is that if you have no breaches its a "great" item for some striver manager to cut and if you get breached the budget will go up, but the guy in the cybersecurity department will at a minimum get told off and held back, and likely fired.
The problem with cybersecurity is that if you have no breaches its a "great" item for some striver manager to cut and if you get breached the budget will go up, but the guy in the cybersecurity department will at a minimum get told off and held back, and likely fired.