That’s sounds strange to say but hear me out. Before ransomeware there was no economic incentive for companies to worry about security. There was a strong “why would you hack us” vibe that made it hard to talk management into doing anything basic like locking down ports.
Nowadays everyone and there mom is worried about getting compromised. I’ve seen companies who historically didn’t care at all about IT suddenly invest heavily in security. We are now much more secure than we were previously as everyone has suddenly realized that the internet had a huge risk. I doubt we will see any of the old style worms we had back in the day that would infect millions of machines.
The problem is all the buying is purely so they can tick boxes on an insurance form.
We see it with our customers all the time, they request thing for cyber insurance reasons like a SIEM or EDR, but no one is checking the systems.
No one is checking until they get breached. The attacks are slowly forcing the industry to improve.
If the firewall is breached, and nobody is around to read the SIEM logs, was there ever a hack?