A Practitioner's Approach to an Effective Patch Management Framework
The global WannaCry ransomware epidemic reveals the dangers of poor patching hygiene. Why are so many organizations so slow to patch? Security teams and CISOs may want to patch immediately, but many business owners demand patches be thoroughly tested to avoid any potential business downtime, leading to weeks of testing and compliance clearances. As a result, some patches are never made.
Another important issue is the use of unlicensed software, which means the users never receive security updates.
What are the patch management best practices that CISOs need to follow? This session provides insights on a robust patch management strategy including:
- Rewriting the rules of patch management;
- Addressing patch management concerns; and
- Fixing bugs through patches.