8 ways your patch management policy is broken (and how to fix it)

These eight patch management mistakes get in the way of effective risk mitigation. Here's how to fix them.

For three decades, failing to patch software and devices appropriately has been a top reason why organizations are compromised. In some years, a single unpatched application like Sun Java was responsible for 90% of all cybersecurity incidents. Unpatched software clearly needs to be mitigated effectively.

So, it’s surprising to see that most organizations don’t do patch management effectively, even though they think they do. Here are some of the common ways patch management policy is broken.

1. Not patching the right things

The number one patching problem is not patching the highest risk applications first. You’ll find hundreds to thousands of things that need patching in almost any environment, but a handful of software program types are by far attacked the most. Those need to be patched first, best and quickest.
