In January it was revealed that there were two baked-in flaws in the microprocessors used by billions of devices globally, from laptops to servers and mobile devices. The security flaws caused consternation and a flurry of activity around the world as organizations struggled to apply software patches to the flaws to Windows, Linux and MacOS.
But software patches can't fix hardware design flaws, they can only attempt to minimize the risk with a costly performance trade-off in some cases.
And the lesson from Meltdown and Spectre isn't just about the importance of patching. It's that technology alone isn't the cause - or the solution to - cyber risk.