By Maria Eriksen Jensen
“Higher adoption of patch management corresponds to a lower percentage of accepted risks.”
This is just one of the interesting findings featured in Aberdeen Group's new report: ‘To Patch, or Not to Patch? (Not If, But How)'. The report explores the correlation between the current use of patch management and the level of endpoint-related risk that companies are effectively accepting.
A risk-based approach is proven to be a critical element of successfully managing vulnerabilities and threats. However, the overriding message is that deploying patch management represents the first half of the battle – HOW you patch also affects how you accept endpoint-related risk. Knowing how and what to patch pays off. The report therefore refers to findings from Secunia's recent white paper ‘How to Secure a Moving Target with Limited Resources' to further illustrate this point.
Other key findings include:
• “About 90% of Best-in-Class enterprises deploy patch management.”
• “The leading performers are consistently more likely than the lagging performers to have current deployment of patch management.”
• “But analysis shows that while current use of patch management is foundational for success, taken by itself this does not differentiate top performance.”
• “Meanwhile planned use and current evaluations indicate a sharply increasing focus on endpoint-related vulnerabilities and threats in the Americas and EMEA.”
Source: Aberdeen Group 2011
Read Aberdeen Group's recommendations by downloading the report here.
I hope you find it a valuable resource for your patch management project.
Maria Eriksen Jensen, VP Marketing & Business Development