Technology vendors should be required, by federal law with substantial financial penalties for failure to comply, to provide security updates to any network device in perpetuity, writes Bobby Ess.