Re: "Many of the most significant breaches were caused by unpatched servers"
..patching servers have never have really been an issue in any half decent organisation, even the likes of the NHS could do it.
Yes, but here again we meet the real world difference between could and did.
In theory I could get Kylie Minogue in bed, but really, will I? The odds of that are magnitudes better than the odds of the NHS patching its estate. With serverless, they no longer have the opportunity to screw it up.
There are draw backs, as the author points out, but most of these are readily manageable with a credible CI/CD pipeline and capable developers.
Serverless isn't a panacea, but it is the future. It just takes too long to have a server provisioned, installed in a DC, and available to developers. Yes, that might be more a function of organisational politics than technology, but serverless drives a coach an horses through that too.
As a dev, serverless moves problems from beyond my control, to mostly under my control. And as we know, things WE can change always change faster and better than things we have to rely on others to change.