The mindset that changing a system out has risks and that engineers/ops time is very expensive?

I mean, I hear you, it sucks that being honest about the issue is leading to punishment, but rationally this is just how people are going to end up responding. If they really want to avoid this, don't give it to them for free, pay them for it.

No it’s not. Considering changing vendors because a vendor did the right thing and sent out free replacements for potentially compromised hardware is not something any sane client would do.

The GP didn't say that though. They said they were already considering replacing one vendor with another, prior to this incident.

As I understood it, the calculus was 'do nothing and keep the current barracuda stuff for a while longer or find another vendor and replace the barracuda stuff?' Now the former option is gone, and the calculus is 'replace current barracuda stuff with barracuda or another vendor?' So if you were already considering switching vendors, now is an opportune time to do so. You're going to be paying the eng/ops cost now anyhow, and as many in this thread have pointed out, one or two fairly off-the-shelf hw appliances are not exactly a big spend.

>You're going to be paying the eng/ops cost now anyhow,

No you’re not. The people in this thread saying that have never actually managed technology because a vendor change that also requires a hardware swap is significantly more expensive than the drop in hardware swap.

The only exception to this is if you were already in the middle of the transition and were planning to phase it out shortly anyway.