While technical and business managers recognize this threat, many also realize that ransomware is just one type of major security incident. And while these major security incidents could lead to serious business disruption, security defenses remain haphazard and disorganized at many organizations. Given the prevalence and financial implications of a major security incident, why is this happening? More specifically, why are major security incident defenses lagging and disorganized, and what can be done to improve this situation? This white paper concludes: