RealNews

Former cybersecurity czar suggests patch clearinghouse

Who hasn’t installed a patch that ends up breaking another application? Wouldn’t it be nice if there were an independent group that tested patches with common applications? That is exactly what Richard Clarke, the White House’s former cybersecurity advisor, suggested this week at a CSO roundtable sponsored by scanning services provider Qualys. “Companies get patches from Sun, Microsoft and Oracle that they say are to fix problems but they don’t say what other things [the patches] would do to the network,” he said. Clarke envisions organization like CERT would handle the patch testing duties. It could test new patches against perhaps the top 100 applications from companies like Siebel, PeopleSoft and Oracle. Custom or proprietary applications would have to be tested in-house. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.