And FWIW, I generally agree. I consider the public/private partnerships with technology vendors to be a critical part of my technology ecosystem. My agency could not operate without them.
But there is a systemic issue (and TL;DR for a toot) where so many agencies lack the people in the desperately needed roles to check these things and ask these questions. All too often it is a non-IT SME doing the RFP, with the vendor saying "trust us" with regard to cyber.