Failure to secure a customer’s information briefly is bad enough but allowing that information to stay unsecured for more than 6 months shows indicates an overall lack of concern regarding cybersecurity that may make future clients think twice about starting a business relationship.