Patch management: A dull IT pain that won’t go away
To get IT operations, software developers, and security teams on the same page, Qualys’ Livne advises focusing on common goals.
“From a team perspective, look at how you can create shared goals across developer, IT operations, and security teams to work together and deliver better results. Working on common objectives makes it easier to collaborate, communicate and eliminate risks,” he says. “This also improves accountability across all the teams involved, rather than shifting blame between teams, as has happened in the past.”
Pentest People’s Newton adds: “Significant improvements in patching practices can be made by establishing joint ownership of patch delivery between IT and security teams.”
Dave Harvey, director of the cyber response team at KPMG UK, agrees, adding that successful companies infuse secure practices early in their development processes.