Hard time believing these crippling corporate hacks are usually automated
I'm not talking about a sophisticated, orchestrated attack like the Orion breach. That was carefully planned out and worked on for a long period of time.
But many other breaches, yes, even those involving big corporations are not necessarily targeted or sophisticated, because they are just so easy to exploit. Talk to anyone who is in the field. They deal with stupid holes and wide open entry points for no reason all day.
It's a lot of education and changing of mindset. Obviously, it's only part of the equation, but without that you're not going to be anywhere close to secure.