Effective Patch Management Strategies

Presentation transcript:

Effective Patch Management Strategies: A panel discussion. Lawrence Walsh, executive editor, Information Security magazine

What is patch management? Patch management is the proactive, measured response to known vulnerability exposures and risks.

Patch Management Agenda: What is a security patch?; Prioritizing Patching; Need for Testing; Inventory Control; Standardization v. Diversity; Re-architecting Networks; Separation of Duties

What is a Security Patch? Is there a difference between a security patch and a functionality patch? And should we care?

Prioritizing Patching Can you trust how vendors rate the criticality of patches? How do you assign criticality ratings in your own environment?

Need for Testing Do we rush to patch or should we hold off and leave systems exposed while we test? Can an enterprise effectively test patches?

Inventory Control Why keep accurate inventory? Methods for inventory control? Consequences for poor inventory control?

Wash, Rinse, Repeat: Deploy; Validation; Reporting; No Patch Available, Machines Remain Vulnerable (Unsupported implementations)

Separation of Duties Who should lead patching efforts? Why is there a need for separation of duties?

Re-architecting Networks Does re-architecting reduce the need for patching? What are the pitfalls of re-architecting? Is it worth the cost? Are new chokepoint solutions effective?

Thank you. Questions, comments? These panelists will not be available at the Ask-the-Experts booth in the Exhibit Hall. Please send questions to lwalsh@techtarget.com.