NewTech··11 min
Why Companies Don't Fix Vulnerabilities: The Math Is Brutal
Change Healthcare's Citrix portal had no MFA. Equifax had a free patch three days before they were breached. Companies don't fix vulnerabilities because the expected-value math, run honestly, genuinely points at inaction, and every breach press release that reads the same is what that math actually produces.
securitycybersecurityvulnerabilities