Well this is a little scary! The tradition with security vulnerability in software and computer hardware has been ‘ship it and fix it later’. For the most part this worked. It was responsive to business and it also realistically didn’t matter a great deal. Yes, your computer application might have a security vulnerability which may or may not be exploited by a bad actor, but even if it was the impact was generally minimal. If it did happen to impact you then you could “purchase support” at a reasonable price and everyone wins (that was probably a bit cynical of me.
However, today more and more lives are depending upon the same vulnerable technology. Will the same methodology of ‘fix it later’ work when we are talking about medical monitoring equipment or vehicles in busy highways? Somehow I think we are talking about a tipping point here where a new paradigm of how we approach this problem needs to be found and found very fast.
Hopefully markets and sense will prevail and find a solution, but if we look at this historically I think we might be in for a rough time.
https://www.nytimes.com/2018/10/11/opinion/internet-hacking-cybersecurity-iot.html