An alternative approach: criminal and civil liability with teeth.

Good news on the judge throwing out most of the “basically everything is securities fraud” charges, though.

I’m in the same position as this guy, at least in title not legacy. I work my ass off to do everything I can as safely as possible. If you have perfect security you have a budget problem. Nobody wants to make these mistakes, you just need to negotiate with product for resourcing and the ICs with manager buy in on process changes. Sometimes you can’t get that culture. I document every suggestion the business says no to and get a risk exception. Budget is a thing.

It’s not like we don’t care. A lot do. I am responsible. I bet my future on it.

The inability of the company to have good cyber is that they have product profit problems. Especially in public companies. Someone should come in to get more income from the business and then they can afford to do the right thing.

> SolarWinds security chief calls for tighter cyber laws

So "the Onion" stuff got hired by Financial Times. /s