>No company should ever spend more mitigating a risk than the potential cost they could incur from the risk.
I've heard hospital administrators make this argument after I've warned them about their security infrastructure being vulnerable to ransomware. I'm not convinced.
I've heard hospital administrators make this argument after I've warned them about their security infrastructure being vulnerable to ransomware. I'm not convinced.