“A little rant on patching…” from Eric Byres

March 5, 2008
From the MU Line blog: Most IT professionals are pretty confident that we know what applications and operating systems are running on our desktops and servers. So when a vendor like Adobe releases an announcement of some new critical vulnerability (such as last week's beauty here), I know that getting and installing that patch is a very good idea because I use Adobe Reader software. Yes, patching is an annoying but at least manageable activity. Unfortunately, the same doesn't hold true for the control systems running the world's critical national infrastructures like power, water and transportation. These systems often come as bundled packages from the vendors, so the end-user really doesn't know what is inside and what needs patching to keep the wolves away from the security house doors (Control Global asked me to author this piece earlier this year). Let me give you a few real-world examples... Read the rest of Eric's rant here.