A few years ago, I was talking to an organization’s executive about the budget needed for a security initiative. We discussed the idea that organizations must understand that it’s not if they’ll be breached, but when. If a breach is inevitable either way, the executive asked, why should I spend all this money on security?…