Who bears the losses ?
Ignoring hassle: in the case of a house burglery the insurance company. These are in the position to push through a change; not (or reduced) payouts if the door locks are inadequate. The sell is reduced premiums to the householder. Properly done it will encourage the householder to do a one off investment in locks for a multi year drop in premiums.
Unfortunately: the marketing department shouts loudly about the lower premium and hides the good lock requirement on page 35 of the T&Cs; it is only pointed out after the theft.
Opportunity lost - squandered by marketing and that most people don't read T&Cs.
Much the same with our electronic bling: ease of use and price are seen as the draws. How to make it secure comes many pages after the instructions of how to view cuddly kittens.
Losses are less obvious unless someone grabs your banking details or similar. Many still take the view that the loss will be picked up by the bank; I have friends who proudly tell me that they use the same 3 passwords everywhere - even as I tell them that this is stupid.
Banks are refusing to cover some scams, but so far it is often seen as ''something that happened to someone else'' and that they will be OK ... anyway the next Bake Off is about to be aired.