> No company should ever spend more mitigating a risk than the potential cost th... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jacquesm on Nov 9, 2021 | parent | context | favorite | on: REvil Ransom Arrest, $6M Seizure, and $10M Reward

> No company should ever spend more mitigating a risk than the potential cost they could incur from the risk

Funny, after the fact they are usually out a lot of money and they decide that they now do want to mitigate that risk.

hluska on Nov 9, 2021 [–]

It’s genuinely interesting how poorly companies perform when you gauge their ability to cost out a successful attack. Pre-attack, many seem to make an economic decision not to mitigate it. Post attack, the fifth CISO in four years gets fired, the CEO vows to do better and the cycle repeats all over…

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact