[progman32]

The lost productivity and general _stress_ due to well-intentioned but ultimately counterproductive software being introduced by IT after a ransomware attack was the last straw for at least two highly qualified engineers I know personally. They left their employer after that. Being blocked from doing your job is highly stressful for people who are motivated by the utility of their work to society, a description which I believe fit these engineers. This is an example of direct human cost - the transformation of a desirable, fulfilling job to one less so.

Now, sure, the IT dept in question could have handled this a little better. Maybe. But the presence of these advanced threats forced IT's hand here.

[dcow]

Because the employer isn’t fixing the problem they’re deploying bandaids that are known not to work. I wouldn't want to work like that either and companies need to learn how to effectively secure software. What if companies paid like BM probably pays? I bet most people would do the work in a less grey fashion. But companies don’t value security so this is the result.