The profile of patch management has risen considerably in the last year due to the number of major breaches that have taken place where basic patches had been overlooked. News stories repeatedly note that the organizations impacted by breaches had often failed to install high-priority security patches from the likes of Microsoft Exchange, Fortinet, and other well-known names. In many cases, the patches had been available for months or, in a few cases, years. Yet, IT departments had failed to deploy them.
Such stories have made it clear that patch management is a vital aspect of enterprise security and not to be neglected. Here are five top trends in patch management in 2022.
1. Automation
Good patch management processes require automation of not just the patching process itself but also approvals, reboots, and reporting.
For example, Ashley Leonard, CEO at Syxsense, said that in the event a production server needs to be patched, there are so many actions involved that automation can save organizations a large amount of time.
“You might want to get permission from the server owner,” he said. “If a reboot is required, this might need to be scheduled, and when the process is complete, you should be able to prove compliance.”
Where regression testing of a patch gets in the way, that too should be automated to the extent possible.
And more vendors may go the way of Microsoft, which has begun automatically disabling some features until patches can be applied.
2. Wider Patching Range
The move to remote work and home networks accelerated the trend of patch management becoming far more distributed. Older patch management systems were built around the concept of a firewall protecting an internal IT infrastructure. With the COVID-19 pandemic, work changed overnight; home working has accelerated the move away from on-premises patching tools to cloud patch management.
The number of devices and workloads has changed, too. Beyond patching PCs, desktops, and servers, virtual devices and cloud devices have now been added to what needs patching. This is also giving rise to a patch-everything approach.
“Organizations have traditionally focused on patching operating systems like Microsoft Windows while ignoring the real threat and patch requirements from third-party applications, OS drivers, IoT devices, and network infrastructure,” said Leonard. “We are seeing customers wanting to understand their entire attack surface and patch everything.”
3. Unified Security and Endpoint Management (USEM)
There is a move to consolidate security and endpoint management technologies. After all, a lack of good patch management practices has allowed ransomware to enter and propagate within a target environment. A single combined USEM solution provides the ability to scan for not just patch vulnerabilities but configuration vulnerabilities as well and leverage combined management technologies to perform configuration changes to remediate any detected vulnerabilities.
“We are seeing the unification of operations and security data to improve visibility and risk-based prioritization,” said Jon Thomas, senior director of product management at BMC.
Many endpoint detection and response (EDR) solutions […]