Sure. There are a number of different ways to try to spur investment across the country. The regulatory environment has matured significantly in recent years for this purpose really. Cybersecurity is a bit like life insurance. You need some kind of nudge. In life insurance it's usually the birth of a child. In the case of expenditures, however, I think you need an outside nudge.
On GDPR, Colorado and California state laws, the new law that you passed...but also in New York's financial services sector in New York state, they passed a new law that really pushes down a requirement for breach management. This means that companies have to be compliant, and this will affect how companies drive behaviour within the market and how they end up spending money.
Services aren't that expensive. It's really not a question of expense. It's a question really, as I said earlier, of leadership.
I like to talk about the new security stack and the old security stack when it comes to bundling cybersecurity investments. In the past you had the old security stack, things like encryption, intrusion detection systems and firewalls. Now we have this new capability called microsegmentation which provides this deep resilience for data centres.
I would recommend for any organization that's looking to make investments in cybersecurity that they think about this new security stack to cover both the perimeter and the interior.
Service expenditures have really decreased in recent years as the market has evolved, but I would point you toward those regulations as good steps—