Going back to Jason, my background is and was sometimes retail. I appreciate being here representing large businesses, as well as small business. When you look at large businesses and whether it's a Winners or TD bank, whether it's a business that is incorporated and has a board, and whether that's traded or not, we look at diversity of boards and whether we can be populated with more women.
But I don't really hear a lot of talk about diversification with IT people. When you set up governance boards—you know, we want a banker, we want a lawyer, we want an accountant, we want a former business owner—there doesn't seem to be that stress around the corporate board that makes decisions. Unfortunately, in business some of it is driven by profit so you say, reputation, reputation. If you look at the case of Winners, I think it's a landmark case: they stored credit card numbers on the same server. I don't know if they were fined in the end, but what they did for their customers was to say, “We'll take any returns back without a receipt”.
When I go back to fines and I look at whether my credit card was breached or my information..., I have to change my credit card for safety. I have to take some time, and that time I consider valuable. I could be doing other things.
Individual fines, things like that.... There are a lot of good corporations that keep having breaches. If you have a good brand, then your reputation comes back better. You look at the case of Maple Leaf; it's a whole different case, but again they got out of that.
When I say the retail side, I've built corporate boards, and they were driven on profit, but there's a new age of reputation and branding. You say you teach best practices. How do we integrate more IT people who are making these corporate decisions? Would it be safe to say that you see boards moving that way in your organization, or is this something that is always going to be more lawyers and accountants?