Don't be a "bait ball"

When small schooling fish are attacked they swarm together into a bait ball. As they get picked off by tuna, sharks, and seals from below they are also getting eaten by birds from above.

I bring this up because I recently heard some decision makers saying "Well there are a lot more vulnerable targets than us, maybe the hackers will just leave us alone." This is typically in response to an audit finding or a vulnerability that was successfully exploited during a penetration test that isn't cheaply and easily fixed. I have also heard from cyber security "professionals" in the past but that is typically a response from a non-technical person.

Don't let your business be part of the bait ball.