{"id":47,"date":"2004-02-04T00:00:00","date_gmt":"2004-02-04T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2004\/02\/04\/patch-management-find-the-weakest-link\/"},"modified":"2021-12-30T11:36:22","modified_gmt":"2021-12-30T11:36:22","slug":"patch-management-find-the-weakest-link","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2004\/02\/04\/patch-management-find-the-weakest-link\/","title":{"rendered":"Patch management: Find the weakest link"},"content":{"rendered":"<p>Everyone should agree that when it comes to maintaining a corporate network of computer systems, security is only as strong as your weakest link.   Sometimes that weak link is not a computer but a system designed to support those computers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>You need a solution that proactively builds security defenses before the damage is done&#8212;instead of reacting after it&#8217;s too late.  According to the Carnegie Mellon University, more than 90 percent of all security breaches involve a software vulnerability caused by a missing patch that the IT department already knows about.  That means most IT departments lack a methodology for rapidly deploying patches.  The rest are ones that they did not know about and probably lacked the resource to investigate.<\/p>\n<p>You need to get as close to 100% of your vulnerabilities covered as quickly as possible since one breach can be devastating and costly.  Until operating system and application vendors start writing perfectly secure software, IT administrators will have to deal with the patch problem.  But effective patch management is more than just plugging holes and hoping for the best.  It&#8217;s an ongoing, systematic process that can benefit from automation.  If your IT environment shows any of these early warning signs, you will have a problem:<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-47","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/47","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=47"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/47\/revisions"}],"predecessor-version":[{"id":2534,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/47\/revisions\/2534"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=47"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=47"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=47"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}