Relatedly, about a year ago, I had a conversation with a director on the fast track to exec at a (different) Canadian chain about how their security practices were outdated and it was trivial to compromise them. I got a very "upper management" response about how it was all fine, no problems, nothing to see here, etc.
I'm surprised local companies that don't have serious security practices don't get compromised more often. Or maybe they do and many are constantly paying off ransomware attackers?
baldur
krinkle