By: Drew Sorrell Let us assume a company has done all the right things. Preemptive security was a concern, so the company tightened up its written cybersecurity controls and associated technical controls, including policies and procedures, endpoint detection and …