"Just 21 per cent of UK Blue Chip businesses regularly share security updates with the board at least twice a year"
Or to put it another way, 79% of boards don't demand regular security updates.
I'd like to think that this level of neglect would raise questions from the big institutional investors but clearly not.