here are still serious exploits from 2010 that are not patched today...and even though solutions exists; a lot of organizations have not remediated those exploits why one should focus on Patch Management.
Data breaches are nowadays a common factor risk but there are ways to reduce the risk. Know your assets and get on top of your infrastructure, even if you have Signature-Based Defences and Content-Based Protection you still need to work with updating and patching your systems.
To work with Vulnerability Management is similar to preventing bad things to happen over time and is basically the exercise of limiting the chance of a breach by remediating vulnerabilities thereby reducing one’s overall risk level of being hacked.
If you look at your company network as a company car you know that every now and then you will have to drive the car to the motor vehicle inspection.
After the inspection you get a list of what type of defects the car has and how severe the defects are.