[VT_Drew]

>In most fields there is little incentive to change things when the company itself isn't too affected in case of hack

This is correct. As long as the risk isn't too high then companies will just take the risk and accept a hack as the "cost of doing business". Much like Goldman Sachs expects they will get fined by Governments, but they don't care because the money they make far outweighs the fines imposed.

[sitkack]

New legislation, fines against businesses form a feedback cycle. They keep going up against repeat offenders until the behavior changes. Inverse exponential-backoff under collision with the regulatory body.

[vikeri]

Haha awesome, determine fines with a PID-controller