However — when you’re talking about organisations with tens of thousands of employees, when they outsource areas like cyber risk and compliance, cyber security operation, password reset helpdesks etc — they take on a level of risk which, I think, becomes highly questionable. It’s not just risk — it’s risks that can and do materialise. That 10% budget saving doesn’t look so hot when the whole company has a heart attack.