COMPLIANCE
#4
This isn’t an attack or threat either - it’s the law.
Compliance in general has changed the way we look at security - in many cases its lulled small business owners into a false sense of security.
Being PCI, HIPAA, or GDPR compliant, in no way says, your data is safe. Check the boxes, then assess risk, finally, secure the data.