Continuing from the previous discussion on the most significant areas of technical concern in the area of information security and assurance and the three P’s – Passwords, Patching and Ports, let’s talk next about Patching.
The Second P – Patching: Patching continues to strengthen for organizations on their external/perimeter networks and the number of discovered vulnerabilities has decreased as well as their risk level. This trend appears to be a positive one. However, the Tootsie Roll tagline “hard on the outside and gooey on the inside” continues to ring true. Internal networks continue to have large amounts of vulnerabilities. The patch management process can be effective, but it seems companies are often behind on their infrastructure patching and the patching of their various and growing numbers of applications and databases.
Stay tuned for the final segment tomorrow on the third P – Ports…
Tim is a Senior Security Consultant at Zensar