RealNews

Agencies need help with patch management, GAO says

The government should consider providing centralized patch management services to help agencies with the chore of keeping IT systems protected against software vulnerabilities, according to a new General Accounting Office report. GAO found that most agencies are struggling to keep up with the task of installing software patches, often lacking consistent policies and resources for handling the critical job. It recommended that the Office of Management and Budget study the feasibility of a service that could handle at least part of the job. It also said that more specific OMB guidance could help. “Although OMB and federal agencies recognize that implementing common practices for effective patch management can help agencies mitigate the risk of attack and improve their overall security posture, the results of our survey indicate that agencies are not consistently performing these common practices,” the report said. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.