The reflex answer to why data isn’t adequately protected is “cost.”
Yet, that answer is naïve.
Breached or ransomed companies pay inordinate sums to restore their data and restore their reputation. It’s a desperate act of survival. Obviously, the answer simply isn’t cost. A lack of protection stems from not knowing the tech, not experiencing the risk, and thus not appreciating the value of its protection. Once devastated by an attack, leadership feels it. And with that immediate and immense loss, they’ll pay inordinate sums to stop the bleeding and recover what they can from the damage that’s done.
The bottom line for organizations is to: understand the environment, understand what’s at risk, and budget to effectively mitigate against it. Data is valuable – Protect it!