DocumentCode
1068570
Title
Reducing Internet-based intrusions: Effective security patch management
Author
Brykczynski, Bill ; Small, Robert A.
Author_Institution
Software Productivity Consortium, Herndon, VA, USA
Volume
20
Issue
1
fYear
2003
Firstpage
50
Lastpage
57
Abstract
The Software Productivity Consortium (the Consortium) has been investigating methods for improving and measuring four essential defenses against Internet-based threats: security patch management, system and application hardening, network reconnaissance and enumeration, and tools against malicious software. These defenses increasingly are critical to an organization´s information security posture and should be implemented in an effective, systematic, and repeatable fashion. Senior-level managers or executives should review process measurement data regularly to ensure that these defenses are being performed properly and to provide an objective basis for organizational improvement. This article focuses on lessons learned implementing improvements in the first of these defenses, security patch management, and is derived largely from pilot projects conducted in collaboration with Consortium members. The need for improved security patch management figured prominently in the recent draft cyber security strategy issued by the White House. The practices examined in this article can assist organizations in substantially reducing the risk from Internet-based compromises.
Keywords
Internet; authorisation; Internet based intrusions; Internet-based threats; application hardening; malicious software; network reconnaissance; security patch management; Application software; Computer security; Data security; IP networks; Information security; Internet; Productivity; Reconnaissance; Software measurement; Software tools;
fLanguage
English
Journal_Title
Software, IEEE
Publisher
ieee
ISSN
0740-7459
Type
jour
DOI
10.1109/MS.2003.1159029
Filename
1159029
Link To Document