It is common for companies to neglect financing in cyber security for a quick short term gain. And at the same time the laws are created such that an offensive hacker would be the criminal. By turning the law around the blame would be on the company for building insecure systems, just like it is right now companies get problems if they would create unsafe products for consumers.
What do you think would happen if laws would change in such a way, that gaining unauthorized access would become legal? Note that I've intentionally excluded permission to share sensitive information. Would love to read your responses and thoughts