Every CEO, board, and middle manager in the world still has to go through infosec in large orgs.

If you're an engineer in the trenches of the company, good luck convincing the people above to sign that contract. You'll waste thousands of hours just trying.

The hard part is not the CEO, it's the CISO