More than half of breaches occur after fixes are available, revealing an execution gap as delayed patching turns known vulnerabilities into ongoing enterprise risk.