WCry, ransomware, and the challenge of legacy software

If organizations would just stop using Windows XP and patch their software, WCry wouldn't have been an issue. Unfortunately, that's often easier said than done for safety-critical systems built with now-retired software.

What's in your threat model?

Everyone should have a threat model, but a bit of thought should go into calibration. Make sure your model is appropriate and that your opsec follows from it.