I guess what I'm saying is... what if there were a way to get executives to care about security and compliance *before* a breach happens. Some kind of process where you assess risks and build protective controls...
Too bad the software industry never developed such a process.
@roguelazer But that takes time and money.
@gudenau true. Much cheaper to wait until a breach happens and remediate it and buy back user and regulator trust... 🙄
This is the frustration I was experiencing before I became a consultant.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!