Re: Is this a world wide epidemic or are some better than others?
@Caute_cautim, it was pretty much the same where I'm based (KSA) with a number of organizations providing Cyber-security compliance requirements. (Needless to say, following them all was a nuisance.)
That recently changed, with all entities having to comply with the requirements of a 'National Cybersecurity Authority' that provides the necessary policies, frameworks, standards and guidelines for this.
However, regulatory authorities here often seem content with continually assessing compliance, rather than strictly enforcing it.