Far too many successful cyberattacks have involved known vulnerabilities that were allowed to go unaddressed.
While it’s clear that no organization can afford to approach patch management haphazardly, the reality is few IT teams have the time or resources to do anything other than pick and choose which urgent tasks will receive their attention. To avoid this conundrum, savvy organizations will look to the various commercially available patch management solutions to help their IT departments take a more comprehensive approach to this highly critical mission.
What are the Hard & Soft Metrics?
It’s important to understand that not all patch management tools are created equal. Careful consideration is essential to ensure that a particular vendor and its solutions will meet an organization’s needs amid a backdrop of ever-evolving cyber threats.
Evaluation should initially focus on the “hard metrics” to determine how a prospective vendor’s core product features stack up against an organization’s key technical criteria. Designating specific criteria – patch coverage, support for third-party patches, ease of deployment, etc. – as “table stakes” will allow an IT team to quickly and easily identify solutions that align with their needs and eliminate other vendors from as the evaluation process progresses.
From there, IT leaders and operations teams can move to reviewing solutions for “soft metrics.”
These include patch coverage and other attributes crucial to comprehensive patch management, as well as the “decision trigger” features that have the potential to impact an organization significantly. For example, many IT teams would find the ability to run patch management from the cloud to be a considerable advantage, especially when devices are dispersed beyond their organization’s network, as is common in today’s remote and hybrid work environments.
What are the Solution’s Reporting Capabilities?
The importance of reporting can’t be overstated when evaluating potential patch management solutions. When reporting is optimal, IT staff will spend far less time compiling documentation for their organization’s Board and other key decision-makers.
Merely reporting a complex list of vulnerabilities can make a report almost unintelligible. The best patch management solutions allow organizations to draw actionable insights from their reporting to drive valuable security improvements. In most cases, unified solutions will enable better reporting. This is especially true when an organization’s coverage needs extend beyond assets that patching would traditionally cover, such as hardware devices on the IOT side
Bottom line: If a choice must be made between key product features and reporting capabilities, organizations will be better served by sacrificing some technical criteria for the sake of optimal reporting.
Where is a Vendor Directing Future Investments?
It’s essential to know if a vendor is investing for the future (they all are), but also whether or not they’re investing in the direction of where market demand is headed and at a pace that will keep up with that demand.
Firmware patch management, for example, is quickly becoming a critical problem within the IOT space, as doing so within its interface and with its reporting simply isn’t scalable because it’s poised to become an essential feature for many – if not most – organizations moving forward, a prospective vendor should already be directing investment toward that area.
It’s also essential to determine whether or not a vendor is striking a good balance between maturing their existing patch management platform and introducing new features, as those that are will be better able to reduce some of the disruptions that can accompany future innovation.
What About Automation and AI?
More than a buzzword, automation has become a significant driver of conversations surrounding patch management. With IT staff constantly being asked to do more with less, organizations are prioritizing anything that will alleviate the load and increase satisfaction in their day-to-day work. By this point and in this environment, every vendor should be focusing on developing automation capabilities that will allow IT teams to spend less time setting up patch deployment and management.
While AI is not currently impacting the patch management space, it is poised to do so in the very near future. Current AI isn’t 100% accurate but does exceptionally well when solving incredibly complex issues where accuracy isn’t important. If it can help move the needle in terms of prioritizing tasks, identifying change, and automating tuning of the dial, patch management would be an ideal space for utilizing AI
By taking the time to identify the right patch management tool and vendor for their needs, organizations will be much better positioned to ward off cyberattacks and ensure business continuity even in the face of ever-evolving security threats.
For more insight on choosing a patch management solution, check out this webinar with GigaOm CTO and research analyst, Howard Holton: Analysts Insights: Gigaom Radar for Patch Management.