Ok, people will always fuck up, so what do you do?
The majority of industries that actually have immediate and potentially fatal consequences do exactly this, and have been for more than a generation now.
All the organizations (including public) getting ransomware and data stolen, it’s because the consequences are not that bad? It is not gross negligence?
I’m not blaming the single person who did a mistake, I’m blaming the negligence of the companies that cut corners for profit, so most of them.
Your first comment read as if organizations where this happens couldn’t have bad consequences. Your new comment explains what you meant better, and I agree.