|
|
|
|
|
|
by nerdjon
705 days ago
|
|
|
How is "being on the latest patch" (security definitions), not part of the security architecture? No where am I implying that it is the only part of security. Also you are still ignoring, that for many of these companies they have not have a choice due to compliance requirements. That being said, so great maybe we can avoid this issue. But instead maybe next time instead it will be. "Well, you run security software X and when you were breached they had a protection out for this, why were you not up to date?" The fact remains that what happened yesterday was an extraordinary situation that I highly doubt anyone seriously thought it was a serious risk. Since most people would safely assume that a vendor pushing security updates would do basic testing. Also you are focusing on security when there are other dependencies that could bring down your system. That is my point here. We are focusing so much on how this one thing should have been done differently and that the companies are somehow to blame when this could have been any number of other things that would not have been as global of an impact but could still bring down major systems. |
|
|
> Also you are still ignoring, that for many of these companies they have not have a choice due to compliance requirements.
They have a choice. They could run their system properly. You are arguing for reasons of compliance...When this incident is the clear demonstration being compliant has nothing to do with being secure and robust.