If someone was going to die as a result of a malfunction or breach of a system, we'd demand it be air-gapped and have robust CM. There would be hell to pay as a result of failure - think hospital systems. Or military systems.
Yes, these systems never get hacked. And people never die because of the hacks...
The thing is, most of the systems businesses use aren't all that important in the grand scheme of things. No one is going to die if Twitter or Walgreens has a breach.
Nonsense. It's entirely possible to have a company let your data get stolen and then not learn about that breach until years later (Yahoo). That information leak could lead to all sorts of things (particularly, credit reports) that would genuinely and profoundly affect your life. This isn't "Oh noez, hackers know my home address", this is, "Fuck, they know enough about me to open credit cards in my name".
Cue "assumed breach"...we must assume that systems like Twitter and Walgreens are breached and are leaking data. Therefore, conduct any business with them while insulating yourself from the consequences of said breach.
Agreed. And, as it turns out, my tinfoil hat is starting to come into fashion these days.