> A "fraction" of a bonus. Let's assume their bonus is a paltry 100k. A good infosec pro expects on average to be making at least 200k, so you have already blown out your budget.
I agree with your overall point, but the first page of the leaked salary list alone has something like $35M worth of bonuses. Say the high-level execs are the only ones sacrificing their pay, and the 'fraction' of bonuses was 20%, you'd have $7M annually to spend on infosec -- in addition to all of the money they're already spending (and apparently wasting). This would pay the salaries of ~30 top-notch security people.
Ostensibly, executive bonuses in publicly traded companies are tied to actions that are a proxy for increasing shareholder value. Massive damaging hacks are not good for shareholder value.
In any case, it was just a comparative point, they clearly have the cash flows to hire competent security staff without impacting others' pay if they so desire.
I agree with your overall point, but the first page of the leaked salary list alone has something like $35M worth of bonuses. Say the high-level execs are the only ones sacrificing their pay, and the 'fraction' of bonuses was 20%, you'd have $7M annually to spend on infosec -- in addition to all of the money they're already spending (and apparently wasting). This would pay the salaries of ~30 top-notch security people.