In this article, it provides a compelling argument as to why the advancement of technology doesn’t resolve the security issues companies’ face today. To support this argument, they surveyed business and strategy executives about their security issues. What they found was that many companies had some strategy in place but weren’t as forward thinking or proactive about security measures as they should be. If company’s value the security of their data they must be willing to invest and budget for it, which includes investing dollars into awareness training for their employees, so they can be cognizant of malicious email scams, phishing, and data loss prevention, installing software to protect applications and encrypting databases. Shockingly, there were several organizations that admitted that they omit their privacy policies and procedures from their internal website. Many organizations reported that they assess and/or monitor their employees to ensure they are in compliance with information security policy standards. A very small percentage of the surveyed respondents said that they recorded who they used as a third party vendor who could access their data. This could be problematic for companies that are too cheap and lazy, so to prevent this, they must ensure that both companies are using security and privacy procedures. High priority initiatives for companies in the future are to hire top executives and subject matter experts for their information security areas, invest in security protection technologies, and conduct trial and error tactics to see what works best on security issues that may arise.