Nice headline I suppose
What the measures entail though?
Do they include external penetration testing companies hammering all the infrastructure, every month or so, with increasing financial penalties for not fixing identified issues; or is seeking advise and having an active McAfee subscription enough?