Re: Public services are probably at higher risk
Actually I refute that. I work for a vendor that isn't F5 or Citrix and I would say that security is one of the highest priorites in the development team. Hence we've never had a vulnerability that you could drive a fleet of buses through.
I'm not mentioning who I work for obviously as I'm trying remain impartial. But we have darn good reviews on Gartner Peer Insights.