The Top 10 Lessons Learned From These Attacks

I want to wrap up here in reviewing these different attacks, it's hard for me to see much commonality other than that in some way they involve the supply chain. But I'm having trouble drawing any really top 10 lessons learned. What's your perspective on that? Is there any real takeaways from this or is this more just about doing all the things that people already know like patching and two factor and protecting credentials and everything else? Yeah, I think there's a lot of low hanging fruit that folks already know, kind of the brush your teeth, eat your vegetables style advice that people should have been doing but kind of never really prioritized until now.