Cybersecurity communities too, there was one guy on [The Other Site] I saw awhile back who, whenever somebody asked a question about what they should do to secure X or Y or if Z security product was better than V because they just did general IT, would always default to something along the lines of “If you don’t know, don’t bother its above you and you should shell out $$$ to an actual firm otherwise you’ll be shelling out $$$$ to another firm to clean up your mess”
Surprise surprise, when I googled his username (The fact I was even able to do this isnt a great sign for a “security professional” IMO lmao) he actually owned one of those “Databreach Triage” firms…yea…I’m sure there was no conflict of interest whatsoever lmaoo