Why we don’t patch, with Jess Dodson
Lock and Code · Malwarebytes
Audio is streamed directly from the publisher (podcasts.captivate.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
In 2017, the largest ransomware attack ever recorded hit the world, infecting more than 230,000 computers across more than 150 countries in just 24 hours. And it could have been solved with a patch that was released nearly two months prior.
This was the WannaCry ransomware attack, and its final, economic impact—in ransoms paid but also in downtime and recovery efforts—has been estimated at about $4 billion. All of it could have been avoided if every organization running a vulnerable version of Windows 7 had patched that vulnerability, as Microsoft recommended. But that obviously didn't happen.
Why is that?
In today's episode of Lock and Code with host David Ruiz, we speak with cybersecurity professional Jess Dodson about why patching is so hard to get right for so many organizations, and what we could all do to better improve our patching duties.