Building secure software is hard.
An attacker has to make just a few correct guesses, while a developer has to take care of a number of things from the start.
Cybersecurity skills are scarce and hard to attain. In building your software, they're essential to mitigate business risks (business continuity, reputation) and compliance risks (such as GDPR and industry-specific regulations like HIPAA, PCI DSS).
Being good at software development does not equal having good cyber security skills. It takes more than reading a few manuals to get things right.
60% of small businesses fold within 6 months of a cyber attack. — Inc.com.