• 0110010001100010@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    11 months ago

    While true, I’m not convinced that fully explains it. Having been in IT nearly 2 decades I feel like the second piece is cybersecurity budgets getting slashed. A lot of them have been super-basic shit like someone clicking on a malicious link.

      • SheeEttin
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        It’s often more profitable that way. Thus, it’s an easy decision for companies to make.

    • CaptainSpaceman@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      11 months ago

      Oh for sure, didnt mean to imply it was the only reason.

      Spearphishing high-value targets, or even just phishing a company’s email roster are very very common practices because they yield significant results.

      Theres also the “insurance approach” to cybersecurity, where its cheaper to run PR for a little while and/or take out insurance policies against cyber attacks such as ransomware. The latter is a key factor as to why many companies dont mind paying the ransom at all.