In her 2013 RSA presentation, “Living Below the Security Poverty Line: Coping Mechanisms,” Wendy Nather coined the term “Security Poverty Line” to better elaborate on the dismal state of security in organizations’ application development shops.1 There are the haves and the have-nots when it comes to cybersecurity. An organization’s ability to protect itself from attack at the most basic level can be directly tied to the investments it makes in order to protect itself. The amount of revenue an organization generates is roughly proportionate to the amount of money that can be reasonably budgeted for cybersecurity.
Bank . . .