With windows and other OS being installed on many devices for daily usage, what can be done to reduce centralised point of failure? Todays outage made it clear that windows is used on many critical systems, and another outage like this can happen again which will result in many problems.
Tighter control of updates by system management teams, including but not limited to staged roll-outs with critical systems at the end of the queue. If the vendors did this, and the customers too, then you'd get better outcomes from the updates being distributed over time.
Don’t worry there’s alot of Project Managers and product owners now working tirelessly on “AI” to fix this sort of thing. Automation, platform engineering and SRE is so 2021.
The answer is political, not as much technical. Anyone worth their salt in ITsec should push back hard on "checkbox compliance" and lobby accordingly in a standards body or regulator responsible for their vertical.
I do not think that is currently possible. Windows has support that no other OS has. Most big companies use Windows for workstations. Windows does not currently have alternative in that area and we cannot just throw it away without real alternative.
stop hijacking the endusers equipment with mandatory updates to systems that are working as desired; stop bulldozing everything into the cloud; stop implementing all systems must use identical HW SW and configuration regimes.
