Been saying for years
It will take millions if not billions of lost profits, lives and hell why not economies before we "get it". I've been griping for years about many things and this is one of them, "data sovereignty". I never understood the "work at home" concept when it comes to certain roles like developers who work for proprietary devshops or any/every IT role that has security in its title and we all know this is the main reasons why many of these files were exposed in the first place. As a security engineer I have accepted that I will never have a job where I get to work from home and honestly once in my past it was suggested that I could do my security work from home and I flatly refused it because that would make accountable if a hack occurred and it was discovered that it came from my home system. I love technology but after 28 years of heavily using PC's I still don't trust them.
One of the other big reasons is simple, too many IT people really should not work in IT. They might have the smarts but that doesn't mean they have the proper mindset. As a security SME I have for many years and on many occasions been caught saying "Computer security is a mindset, not a skill". Tech skills can always be taught but security is more of a philosophy.
You will often have executives within any organization who want a percentage given to them on "how secure is it". This is flatly wrong but it does get the greasy sec guy off the hook until they either leave or get hacked. To add to this complete and total lack of understanding of what "proper security" means you have quite often in positions where decisions are made people who should be technical'ish but are not... at all. They often have "feelings" on what is right and what is not, honestly for a device that has taken millennia's scientific/mathematics knowledge to devise the most complex mass produced piece of technology ever you would kind of believe that those "in charge" would at least have a clue.... THERE ARE NO *FEELINGS* IN TECHNICAL MATTERS, ONLY PROOF!... it's call the scientific method because science is what got us here in the first place.
Biting the hand that feeds IT
