15 years ago the world was still coming to grips with cyber security, in the desktop realm it was a race to install and patch windows xp before it became infected with malware.

Today if infrastructure is not 100% airgapped (and even that isn't necessarily enough) then it should be considered criminal negligence.