Skip to content
The failure to fully apply security updates (patches) to operating systems and software applications is the leading cause of cybersecurity compromise.
A recent survey by Ponemon Institute of over 3,000 organizations, found that half had experienced a cybersecurity breach in the last 2 years, and the majority of these were caused by the exploit of a vulnerability for which a patch was available.
What did the half that had not been compromised do differently? They had patched their environments.
Given that patching is so essential, why don’t more organizations simply patch their environments? It turns out that it is not so simple…
- Patching greatly increases the risk of an outage. The real pain of an actual outage in the “here and now” is felt more acutely than the theoretically larger pain of a security compromise. For this reason, many organizations defer patching indefinitely. See: Will Patching Break My Network?
- Patching of critical systems must occur outside of normal business hours. Many organizations do not staff their IT departments around the clock, yet this is when patching of critical systems must occur.
- Risk is unknown. Many organizations do not scan for unpatched vulnerabilities and do not recognize how exposed they really are. Without hard evidence, it’s difficult to generate the will to act.
Our recommendations? Scan your environment for unpatched vulnerabilities to understand your current level of risk. And do not procrastinate any further! Take action to implement an effective patch management process.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a type of software testing performed by Alvaka after a software patching sequence to ensure that the system is working correctly and to identify any misconfigurations or conflicts within the patched system.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a term used to describe the testing process for servers after patches are applied.