You are only as secure as your weakest link. To do business in today's world requires different systems and connections often on a global scale. However, with organizations and individuals all over the world so connected, a compromise of one organization is likely to affect many others.
A perfect case in point is the Solar Winds breach. By compromising one organization, the hackers were then able to attack many other organizations. SolarWinds had a trusted product in many organizations.
Security professionals are always telling everyone to patch their software. What sometimes gets lost in translation (and workload) is the importance of testing and never fully trusting anyone. All patches should not just be installed. They should be checked for malware and other issues before they get rolled out. That testing does need to occur in a timely manner as not patching can have consequences. There should also be detection mechanisms in place. In today's world it is not an if but a when an attacker will attack. It is critical to know when something is happening so that actions can be taken. It is also important to limit the possible effects. For example, having a firewall in place could prevent reach out. While no one thing guarantees protection, adding in a layered defense reduces the risks.