Federal CISOs Rank Patch Management As Biggest Obstacle
Survey by Intelligent Decisions indicates that patch management leaves less time for chief information security officers to work on improving overall security.
Patch management is the biggest problem facing many federal chief information security officers, shows a study released today.
The survey by IT consulting firm Intelligent Decisions Inc. was conducted with the participation of 25 government CISOs. Their concerns over patch management outweighed unease about network compromises, compliance with the Federal Information Security Management Act, cyberattack preparedness, critical infrastructure protection, and the impact of downtime of their business-technology systems.
"Patch management ranked so high because it touches every part of their infrastructure, and there are so many patches coming out that everyone is worried whether or not they're keeping up," says Ted Ritter, director of cybersecurity for Intelligent Decisions.
The survey also showed that, on a typical day, federal CISOs spend three hours completing compliance reports, and roughly one hour per each day is spent on troubleshooting, system administration, and collaborating with vendors. About 30 minutes each day is spent on network monitoring, architecture development, and inventory.
The survey results demonstrate the obstacles of maintaining IT security within the federal government. Says Ritter: "It's clear that CISOs are bogged down on administrative tasks and have precious little time to work on improving their overall security."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.