From The Open Group Blog
Written by:
Denny Wan, Reasonable Security
James Middleton, Nationwide Insurance
Melissa Melancon, Kyndryl
John Feezell, Kyndryl
John Linford, The Open Group
“Practice What You Preach”
Hindsight is a powerful thing. Cyber defenders often bear the brunt of the blame for “preventable” cyber incidents that are attributed to a failure to apply available patches in a timely manner. For example, Veracode found that 1 in 3 applications (38 percent) still use vulnerable versions of Log4j two years after the vulnerability was disclosed and patches were made available[1]. It is easy to assign blame for the failure to patch, but that is not the full story.