Patching – it’s complicated. Organizations at every level struggle with patching. It feels more like a necessary evil rather than a best practice. We’re damned if we do, damned if we don’t. As much as we like to point fingers of blame and malign the processes in place, the fact is that one size does not fit all when security updates get issued. We’ve lived through the joy of Patch Tuesdays gone bad, watched systems meltdown from patches for Spectre and Meltdown. Given all we should have learned, why does it seem like things are getting worse? Securing our stuff should not be an endless succession of dumpster fires. We need to go beyond just finding the sweet spot between mitigating business risk with vulnerability exposure. Join me in a candid and interactive discussion on this fundamental process that seems inherently broken, especially as it now affects IoT, OT and medical devices. In an off the record, behind closed doors session, let’s share what we’ve seen and say what we really think about management, internal and external customers, vendors. Because the cure isn’t supposed to be worse than the disease.