Explore a thought-provoking keynote address from BSides Cleveland 2017 that delves into the complex world of cybersecurity, focusing on the challenges of patching and updating systems. Discover why seemingly simple solutions like applying patches can be incredibly difficult in practice, especially in industries like healthcare and retail. Learn about the perfect storm of factors that led to the WannaCry ransomware attack and examine the unique security challenges posed by medical devices and complex systems. Investigate the issues surrounding vendor ownership, out-of-business scenarios, and unpatched systems. Gain insights into the fundamental differences between building things to last and the need for constant updates in the digital age. Consider the business reasons behind delayed patching and the risks organizations must take. Reflect on the potential for being wrong in our approaches and the forces needed to drive change in cybersecurity practices. Conclude by examining the role of regulation and risk management in shaping the future of cybersecurity across various industries. Read more