Software engineering hasn’t had our Quebec Bridge collapse yet.
It will take an enormous visible disaster that does more than cost a company a few tens of millions, or expose a few hundred million social security numbers, before we start holding companies and engineers liable for security flaws.
The only way to create the software engineering reform you envision is to force a paradigm shift. The only thing that could instigate it would be like Skynet with many dead. Though, the unknown damage from OPM could be quite severe.
There might be 'security standards' but neither the government nor private sector can guarantee anything to be safe. The civilization built on IT networks will need to be reworked.
How many were killed as a consequence of the Equifax hack?
Don't get me wrong, that hack was absolutely massive and terrible, but I think you missed the point of what the parent comment was saying.
Their point was that it must be something real and visceral, on a level that will make people think "something like this must never happen again at any cost". As far as I know, there weren't massive killings of people due to the Equifax hack, so that isn't quite on the same level.
We've flown planes into the ground, killed people with X-rays, rigged elections, shut down oil delivery to sections of the east coast of the US.
If anything we have bridge collapses constantly and special news anchors that report on which routes you should take today as if it were just like any other traffic incident.