If we think the headlines shocked us with Equifax, SEC, and NSA – we will very quickly discover that large organisations have poor cyber security hygiene, are not meeting regulations and are failing to enforce the policies they developed, recommend and enforce upon others. The news over the coming 12 months will have even more high-profile names and the root causes will be just as shocking as the OMB breach.