I'd love to see stats on that. I'd bet that rather than losing the deal entirely, the more common case is that the deal gets delayed (possibly significantly) if something is flagged in a security review. After all, even standards like PCI & SOC2 include provisions for compensating controls :)
No comments yet.