Can we not expect companies to patch anymore?

Is patching unreasonable in 2024? If so how do we mitigate vulnerabilities?

TL;DR

• For as long as cyber has existed, we have said: AAA to safeguard your CIA. Lock your front door, manage access, monitor what is done. And patch.

• With so many patches reverse engineered so quickly