A Q&A with an IBM security expert.
Click on the following link for the article: hbr.org
A good discussion (you may need to click on the hbr link to get past the initial page). There should be no business or organization or board or governmental entity remaining that isn’t taking cyber security seriously. The article is correct that you cannot ever be 100% safe, but every reasonable effort must be made to prevent, promptly detect, and promptly remedy hacking. That’s it.
Dave Tate, Esq. (San Francisco/California)