Why do we have so many security incidents? Data breaches? Leakage events? Hacks? The answer is insecure software, and the software we use and take for granted is a result of not just developers and programmers, but it is a result of business decisions and people who run the businesses. In this talk I would not like to name names, rather I would like to give an answer to why is Cybersecurity so hard for developers and programmers. Plus, when you add managers and project leaders into the mix, you get a big liability cocktail. Cybersecurity is not about technology, it is about people, and I would like to come to a conclusion on how to approach the problem of developers not doing security, and managers not understanding security.