An interesting op-ed piece. While I wouldn’t necessarily say that regulation (government or otherwise) is always the answer (other than to bolster the compliance industry), there is a point to be made here.
Are we reaching a tipping point like that experienced after the Enron fallout where a more holistic and measure approach to this problem needs to be mandated?
A data breach today is less likely to be an annoyance and more likely to have potentially significant and devastating real world consequences. The hit list of recent events in this regard identified in the article clear demonstrates that the problem is just getting bigger.
https://www.nytimes.com/2018/01/08/opinion/cybersecurity-breach-spectre-meltdown.html