New Aberdeen Group Report: Patch Management

By Maria Eriksen Jensen

“Higher adoption of patch management corresponds to a lower percentage of accepted risks.”

This is just one of the interesting findings featured in Aberdeen Group's new report: ‘To Patch, or Not to Patch? (Not If, But How)'. The report explores the correlation between the current use of patch management and the level of endpoint-related risk that companies are effectively accepting.

A risk-based approach is proven to be a critical element of successfully managing vulnerabilities and threats. However, the overriding message is that deploying patch management represents the first half of the battle – HOW you patch also affects how you accept endpoint-related risk. Knowing how and what to patch pays off. The report therefore refers to findings from Secunia's recent white paper ‘How to Secure a Moving Target with Limited Resources' to further illustrate this point.

Other key findings include:

“About 90% of Best-in-Class enterprises deploy patch management.”
• “The leading performers are consistently more likely than the lagging performers to have current deployment of patch management.”
• “But analysis shows that while current use of patch management is foundational for success, taken by itself this does not differentiate top performance.”
• “Meanwhile planned use and current evaluations indicate a sharply increasing focus on endpoint-related vulnerabilities and threats in the Americas and EMEA.”

Source: Aberdeen Group 2011

Read Aberdeen Group's recommendations by downloading the report here.

I hope you find it a valuable resource for your patch management project.

Stay Secure,

Maria Eriksen Jensen, VP Marketing & Business Development