Co-Founding and running a business that deals with helping organizations become compliant with cyber and privacy regulations, has shown me just how bad most organizations are at it. It is scary how far they are from being cyber-resilient. Most just take the default Microsoft or Linux settings.