Well, in that case, if I may draw a stereotype, there’s a simple solution:
“If there’s a data breach, and a significant percentage of your programmers are offshore, penalties double.”
We all generally agree here that while some talent is excellent, the majority of companies outsource to the cheapest (or 2nd cheapest, just to be safe) option possible. Turn that into a calculated risk - if you hire a company and their sloppiness causes a data breach, that's on you with heavy penalties for negligence for not validating their work - not the company you hired.
Change the law so that if Bank of America hires Infosys, and Infosys outsources to some sweatshop, Bank of America is the one who must be directly held responsible for a failure.
“If there’s a data breach, and a significant percentage of your programmers are offshore, penalties double.”
We all generally agree here that while some talent is excellent, the majority of companies outsource to the cheapest (or 2nd cheapest, just to be safe) option possible. Turn that into a calculated risk - if you hire a company and their sloppiness causes a data breach, that's on you with heavy penalties for negligence for not validating their work - not the company you hired.
Change the law so that if Bank of America hires Infosys, and Infosys outsources to some sweatshop, Bank of America is the one who must be directly held responsible for a failure.