This is all true. Security is best implemented when it’s baked into an organization’s processes. The government barely has enough budget to pay for server space let alone invest heavily into dedicated security teams. Most work is handed off to outside private contractors but they are hamstrung by the same budget issues.
Security concerns are almost certainly best handled by private industry except in rare cases like national security or the public markets. For example if Boeing becomes known for being easily hacked and flying unsafe planes, how long do you suppose they’ll be around?
A company’s livelihood relies on the perception of being secure and they are well aware of this so the ones that want to succeed absolutely invest very heavily in security. A successful hack doesn’t mean companies don’t invest in security or that people don’t pay for it.
Security concerns are almost certainly best handled by private industry except in rare cases like national security or the public markets. For example if Boeing becomes known for being easily hacked and flying unsafe planes, how long do you suppose they’ll be around?
A company’s livelihood relies on the perception of being secure and they are well aware of this so the ones that want to succeed absolutely invest very heavily in security. A successful hack doesn’t mean companies don’t invest in security or that people don’t pay for it.