Federal CISOs Rank Patch Management As Biggest Obstacle
Survey by Intelligent Decisions indicates that patch management leaves less time for chief information security officers to work on improving overall security.
Patch management is the biggest problem facing many federal chief information security officers, shows a study released today.
The survey by IT consulting firm Intelligent Decisions Inc. was conducted with the participation of 25 government CISOs. Their concerns over patch management outweighed unease about network compromises, compliance with the Federal Information Security Management Act, cyberattack preparedness, critical infrastructure protection, and the impact of downtime of their business-technology systems.
"Patch management ranked so high because it touches every part of their infrastructure, and there are so many patches coming out that everyone is worried whether or not they're keeping up," says Ted Ritter, director of cybersecurity for Intelligent Decisions.
The survey also showed that, on a typical day, federal CISOs spend three hours completing compliance reports, and roughly one hour per each day is spent on troubleshooting, system administration, and collaborating with vendors. About 30 minutes each day is spent on network monitoring, architecture development, and inventory.
The survey results demonstrate the obstacles of maintaining IT security within the federal government. Says Ritter: "It's clear that CISOs are bogged down on administrative tasks and have precious little time to work on improving their overall security."
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.