[6d0debc071]

While I understand that that's primarily a normative statement, you have to have something significant to lose to be worried about the potential losses. It's going to make more sense, initially, for a company to invest in activities that they expected to generate revenue than it is for them to invest in activities that secure the source of that revenue. It would only be once you already had significant liabilities that it would start to make sense to invest in security, and even then only if you expected breaches of security to result in significant loss with respect to the source of that revenue (questionable, if you've achieved significant market leverage then people may not be that worried about breaches to their data. I'm reminded of this sort of thing: http://www.huffingtonpost.com/kyle-mccarthy/32-data-breaches... .)