Because of the high concern about security, there are industry regulations to assure good security and privacy practices, such as PCI DSS for payment processing, GDPR for privacy, and HIPAA for healthcare. These focus on protecting information and making sure confidential information isn’t leaked by accident or by attack. In the future, more regulation is likely. California’s CCPA and New Jersey’s data-privacy bill are additional privacy regulations to consider.
Despite these regulations in the public and private sectors, security breaches still occur. As of the first quarter of 2020, over 17 million government records have leaked, an increase of 278% over the same period in 2019. Some of these breaches are high profile.
The current situation of deploying insecure software and patching it after a high-profile breach is unacceptable. Software developers need a new approach and need to ask themselves: "What is it that we're doing today? Why isn't it working? And what should we be doing to change that?"