TechTarget

Patching gets thumbs down

Half of UK IT professionals are concerned about the cost and time taken to manage patches for security flaws.

Half of UK IT professionals are concerned about the cost and time taken to manage patches for security flaws.

The situation is particularly acute in enterprises with more than 5,000 employees, according to a report by ICM Research.

Of the 100 IT directors and managers of companies with over 500 employees polled in the survey, 45 claimed software providers' exisiting methods of sending out patches were too costly or of poor value. 

“Patches can be a real burden, and from a security standpoint a lot of patches are completely irrelevant,” said John Holland, senior vice-president for international operations at security firm TruSecure, which commissioned the study.

Holland pointed to earlier research carried out by the firm, which concluded that of the 4,129 vulnerabilities reported in 2002, less than 2% were exploited by hackers.

Suppliers are not giving users “appropriate” information and patch alert services are too “generic” - they do not take into account what individual companies need, he said.

"Users need added-value services that provide information on criticality to help them prioritise patch application and help balance the workload involved in implementing and testing patches.

Key findings

  • 3% of UK IT professionals thought the patch management information they received was 100% relevant to their individual business needs.
  • 45% are concerned about the cost and value of patch management for security flaws.
  • 61% of respondents said managing risk is more important than simply managing security at an operational level.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close