In addition to cybersecurity offerings, there are companies offering insurance to companies in case they get hacked and are demanded a ransom. The problem - hackers hacked the insurer and got a list of their clients as well as information on the level of their clients insurance cover. They demanded a ransom from the insurer.
If a Nation State Actor (NSA) such as China, US, Israel etc want to hack you or even your government it's not a matter of if they can but how long it will take them. That means not even the best defended systems in the world are immune. While a lot of these hacking groups don't have the resources an NSA might, I imagine it's a similar situation - if they're determined enough they'll be able to hack nearly any company.
My understanding is that an even bigger problem is people. Social engineering, phishing emails, employees giving away information over the phone, through socials etc etc tends to be the biggest weak point hackers are exposing. Even with education, this is likely to persist.
I'm not sure if there will ever be a solution to this aside from not paying ransoms or more collaboration between governments to crack down on this and a willingness to punish or extradite their citizens engaging in this illegal activity. Or maybe companies collect/store less of our personal information?