[bogomipz]

And Yahoo the company we are discussing has a full time CISO, now at Facebook:

http://www.businessinsider.com/alex-stamos-leaves-yahoo-to-b...

As does Google: http://www.csoonline.com/article/2928798/security-leadership...

As does Twitter: https://www.linkedin.com/in/mcoates

as does Uber: https://newsroom.uber.com/joe-sullivan-joining-uber-as-first...

As does Apple: http://www.reuters.com/article/apple-encryption-executive-id...

As does Amazon: https://www.rsaconference.com/speakers/stephen_schmidt

So I would say its pretty common. Just because its not common at the Ashley Madisons and Targets doesn't mean its uncommon elsewhere.

[sandworm101]

Lol, that is like 1% of the industry. For every facebook there are 100s of smaller shops with websites taking money and handling pii. Being not-facebook doesnt mean you arent in the big leagues with millions of customers.

[bogomipz]

And that 1% of the industry is exactly the context for these comments, the company being discussed here is Yahoo. I guess you didn't read the part where I specified "SV tech giants"?