Cybersecurity refers to the body of technologies, practices and processes meant to protect computers, data, programs and networks from unauthorized access, attack or damage (Fischer, 2009). Vulnerabilities are the flaws that malicious entities can exploit to gain privileges on computer systems that they are not authorized to have. Currently, the problem that cyber security efforts encounter is the constant and rapid evolution of security risks, such as new malware and new computer hacking techniques, including fingerprinting, IP spoofing and buffer overflows (Fischer, 2009). Therefore, information technology managers in contemporary society face a number of security vulnerabilities, for which they should find appropriate countermeasures. The debate regarding the single most important cyber security vulnerability has been common both online and offline (Garfinkel, 2012). Perspectives differ among individuals based on their areas of occupation. For instance, a person managing an e-business may have different views from a government security expert. This paper will consider the application of patches as the single most important cyber crime vulnerability facing information technology managers, i.e. patch management for emerging vulnerabilities.
Patch management is the field of systems management that involves acquiring, testing and installing multiple patches on administered computer systems (Gerace & Cavusoglu, 2009). It involves various tasks, which include maintaining current knowledge of the available patches, ensuring that patches are installed properly, testing systems after installation, documenting all procedures, and deciding on the appropriate patches for various systems. Therefore, system administrators who engage in patch management should maintain a working knowledge of the patches installed on the various systems within an organization. This is essential because new modifications to existing code may cause issues with patches installed only a short time ago (Arora, Telang & Hao, 2008). The tasks of patch management may be automated through such products as PatchLink Update and Gibraltar's Everguard. Sometimes patches are ineffective and, instead of fixing problems, cause devastating problems for an organization. However, system administrators attempt to avoid such problems by taking simple steps, including performing backups and testing patches on non-critical systems just before installation (Gerace & Cavusoglu, 2009).
Impacts of Patch Management
In the contemporary world, information technology managers should keep the software and hardware of their organizations' systems updated at short intervals. For instance, an information technology manager can design security protocols for handling the updates needed to patch vulnerabilities that computer hackers may exploit (Arora, Telang & Hao, 2008). This will minimize the likelihood that emerging vulnerabilities affect the organization. When an information technology manager fails to patch known vulnerabilities, the organization's networks will be open to a number of attacks, including those by hackers and malware. This may lead to devastating damage to the organization's significant resources. Information technology managers should be aware that some vulnerabilities may lack related patches. Therefore, they must know the available patches for applicable vulnerabilities as well as other remediation techniques, such as employee training and network or device configuration changes. This reduces the vulnerability of computer systems (Arora, Telang & Hao, 2008).
Patching computer systems manually has become ineffective because numerous patches must be installed while attackers develop exploit code ever more rapidly (Gerace & Cavusoglu, 2009). This makes monitoring and patching the various vulnerabilities overwhelming and daunting. The new and expensive technology of automated patching will help system administrators minimize the vulnerability of their computer systems to attackers (Gerace & Cavusoglu, 2009). Automated patching tools will also be useful for protecting computer systems in small organizations. However, the organization will need to use a phased approach when deploying the tools for patch management. This allows system administrators to address user communication and process issues before deploying any patch universally. If the organization fails to use a phased approach, the patch tools may not protect some systems effectively. Hence, ineffective patch application contributes significantly to the cybersecurity vulnerability that information technology managers face in organizations across the world (Gerace & Cavusoglu, 2009).
Although the patch application can be extremely effective at minimizing risk, it can also make the organization extremely vulnerable to security problems, such as intrusion by unauthorized users, as well as attacks from malware and computer viruses (Maughan, 2010). For instance, attackers can gain access to the central patch management computer and use the patch application to distribute malicious code efficiently. Therefore, organizations should partially mitigate these risks through the standard security measures that are required when deploying applications across an entire enterprise (Arora, Telang & Hao, 2008). This is a common challenge for information technology managers and system administrators today. Many organizations have experienced this cybersecurity vulnerability as a result of the harmful effects of using patch application tools. Attackers can devastate an organization simply by using its own patch application tools once they have accessed them illegally.
Security issues that are more vulnerable to exploitation by script-kiddies require immediate attention. However, it may be challenging for security experts to patch every security problem. Research has shown that applying patches is expensive and can easily put an organization's computer systems at risk of exploitation by malicious intruders (Arora, Telang & Hao, 2008). The risks include improper testing of the patch application, unexpected interactions of the patch application with local system configurations, and the failure of the patch application to fix the current security problems. When the patch application does not undergo proper testing, it may not be stable and suitable for protection. Therefore, using a patch application that has not been properly tested will put the organization's resources at risk. The unexpected interaction of the patch application with local system configurations may lead to a loss of the patch application's functionality (Gerace & Cavusoglu, 2009). This will make the patch application unable to protect the organization's resources. The failure of a patch application to protect the organization's computer systems also wastes the system administrator's time, because the administrator will make several unsuccessful attempts to use the patch application. Security research has not focused on these issues to the present day.
Finding appropriate patches for various security problems is a labor-intensive and slow process (Gerace & Cavusoglu, 2009). This hinders the timely application of patches because the administrator responsible for the installation will spend a great deal of time looking for the appropriate patch applications. Some information technology experts may have sufficient knowledge of how to find and apply various patches within the shortest time possible. Therefore, finding and applying patch applications with ease has become an issue of significant public attention. The untimely application of patches gives malicious intruders enough time to attack the organization's computer systems (Gerace & Cavusoglu, 2009). This issue has continued to the present day and has become a significant cyber security vulnerability.
Many system administrators have personal experience of security risks arising from the use of patch applications (Arora, Telang & Hao, 2008). The lack of an objective assessment of how prevalent flaws are has made it difficult to judge when to use a patch to safeguard a computer system. System administrators delay the use of patch applications because of the high costs incurred. Other reasons for delaying patch applications are thorough testing and regulations and procedures (Arora, Telang & Hao, 2008). Measuring the delay in applying a patch is almost impossible. Some viruses and worms, such as Code Red, have attacked a number of computer systems successfully because of delays in applying the appropriate patches. Computer systems become vulnerable to attack when experts do not install the patch applications in advance.
Information technology systems have experienced major attacks over the last few years through known vulnerabilities, even though appropriate patch applications existed before the actual outbreaks (Gerace & Cavusoglu, 2009). Therefore, the information about patch applications can itself create problems for organizations. Upon the release of a new patch application, attackers make cooperative attempts to reverse-engineer the patch within a few hours or days, discover the vulnerability, and design and release code that exploits it successfully. Therefore, the period that follows a patch release can be extremely dangerous for organizations because of the time needed to obtain, test and deploy the patch application (Arora, Telang & Hao, 2008).
Addressing the Impacts
Organizations have been trying to improve the installation of patches through various steps over the past few years. Some organizations have installed patch management applications successfully, while others have installed them on an unplanned basis. This has left those organizations' computer systems vulnerable to intruders (Gerace & Cavusoglu, 2009). Today, organizations are struggling to organize their patch management applications to avoid future exploitation by unauthorized individuals. It is a challenge for information technology managers and system administrators to recognize that the effective use of patch application tools requires a combination of processes, technology and people in equal proportions. Many information technology managers understand the requirements of the effective use of patch application tools, thereby putting the systems of their organizations at risk of remaining open to intruders (Fischer, 2009).
Experts should determine the most appropriate time to apply a patch by developing mathematical models of the potential costs of patching. Developing cost functions for system administrators will enable them to determine and deal with various security issues effectively. Timely patching is recognized as vital for maintaining the operational confidentiality, availability and integrity of information technology systems. Information technology and security professionals must address some common problems, including the failure to keep application software and operating systems patched. New patches are released on a daily basis. In most cases, even system administrators with enough experience may have trouble keeping informed about new patches and deploying them properly and in a timely manner (Gerace & Cavusoglu, 2009).
It is advisable for organizations to implement an accountable, documented and systematic process for managing the exposure of their systems to vulnerabilities by deploying the appropriate patches in a timely manner. Federal agencies should implement a number of actions that will assist in vulnerability and patch management. One of these actions is creating a patch and vulnerability group, which will facilitate patch recognition and distribution within an organization. The patch and vulnerability group is responsible for implementing the vulnerability and patch management program within the company (Arora, Telang & Hao, 2008). It enables vulnerability remediation efforts, such as implementing configuration changes and patches for application software and operating systems. The patch and vulnerability group carries out various duties, including taking an inventory of the organization's information technology resources, monitoring security sources, prioritizing the order in which vulnerabilities are remediated, and creating a database of remediation methods, to mention just a few (Garfinkel, 2012).
The second action that federal agencies should implement is using automated patch application tools to hasten the distribution of patches to systems. Manual patching has become extremely ineffective because numerous patches must be applied to counteract attackers who rapidly develop code to exploit vulnerabilities (Gerace & Cavusoglu, 2009). While monitoring vulnerabilities and patching may seem an overwhelming task, automated patching technology can reduce this burden. Enterprise patch management applications allow a patch and vulnerability group to distribute patches and updates automatically to numerous computers within a short period of time. It is advisable for large and medium-sized organizations to employ enterprise patch management applications for almost all the computers that they use. Small organizations will also gain a secure computing environment by employing automated patching applications (Garfinkel, 2012).
The third action that federal agencies should implement is deploying the enterprise patch management applications in phases. Implementing patch management applications in phases allows user communication and process issues to be addressed with small groups before the patch applications are deployed across the entire organization (Garfinkel, 2012). Many organizations opt to deploy patch management applications first on standardized desktop computer systems and single-platform servers with similar configurations. Organizations should then address such issues as the integration of multi-platform environments, legacy computers, computers with unusual configurations and non-standard desktop computer systems. Manual techniques may be useful for applications and operating systems that the automated patching applications do not support (Gerace & Cavusoglu, 2009). This is also the case for computers with unusual configurations, including embedded systems, medical devices, experimental systems and industrial control systems. Such systems require a written and implemented procedure for manual patching. The patch and vulnerability group has the responsibility of coordinating the efforts of local coordinators.
The fourth action of the federal government is to implement the assessment and mitigation of the risks associated with the deployment of enterprise patch management applications. It has been evident that enterprise patch management applications can be effective at minimizing risks but can also create significant security risks within the organization (Garfinkel, 2012). For instance, attackers can break into the organization's central patch management computer and distribute malicious code efficiently using its enterprise patch management application. Organizations should partially mitigate such risks by using appropriate security measures when deploying applications for enterprises (Gerace & Cavusoglu, 2009).
The fifth action that federal agencies should implement is to encourage organizations to use standard configurations for their information technology resources. It is easier and cheaper for organizations to implement vulnerability management and patch applications when using standardized configurations. Organizations will need to focus their standardization efforts on the computer systems that make up significant portions of their information technology resources (Garfinkel, 2012). The use of a standardized system configuration makes it easier for organizations to reduce their vulnerability to malicious intruders, who may harm the organization's databases and other significant resources. This is because vulnerability management and patch application will take place cheaply and within a short period of time, thereby saving the organization's resources (Garfinkel, 2012).
The last action that federal agencies should implement is to determine the effectiveness of the patch and vulnerability program consistently and apply remedial actions appropriately. Organizations can measure the extent to which they are susceptible to attack by the number of patch applications required, the number of identified vulnerabilities, and the network services running on every system (Garfinkel, 2012). The measurements should be taken for every individual computer within a system. Once the measurements are complete, the organization aggregates them to determine the results for the entire system. The mitigation response time is the second measurement that the organization can make: how quickly it can identify, categorize and react to an emerging vulnerability and mitigate the impact of this vulnerability on the organization's resources. The third measure is the cost of the vulnerability program and patch application. Research has shown that the cost may not be easy to measure because some actions are split between different groups and personnel (Garfinkel, 2012). The costs that the organization should consider include the patch and vulnerability group, system administrator support, and the enterprise patch and vulnerability management applications. They also include incidents that have taken place because of failures in the vulnerability management application and patch application.
The vulnerability and patch metrics are crucial. The organization should take metrics that reflect the maturity level of patch and vulnerability management in an information technology security program or a system program (Garfinkel, 2012). For instance, the metrics for attack susceptibility, such as the number of network services, patches and vulnerabilities for every system, are significant for programs whose maturity level is low. Organizations should document the metrics taken for every system, as well as the details of each metric. It is also extremely important to communicate realistic performance targets for the metrics to system security officers and system owners. Once the earlier metric targets have been achieved, the organization can set more ambitious ones. The vulnerability and patch security level should be set carefully to avoid overwhelming system administrators and system security officers (Garfinkel, 2012).
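The attack-susceptibility and response-time measurements described above can be computed from per-computer scan records. The following is an added example, not part of the original essay; the record fields, host names, vulnerability labels and dates are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

@dataclass
class HostScan:                      # hypothetical record: one row per computer
    host: str
    missing_patches: int
    open_vulns: int
    network_services: int

@dataclass
class VulnEvent:                     # hypothetical timeline of one emerging vulnerability
    ident: str
    published: datetime
    identified: datetime
    categorized: datetime
    mitigated: Optional[datetime]    # None means not yet mitigated

def susceptibility(scans):
    """Aggregate per-computer counts into totals and per-host ratios."""
    if not scans:
        raise ValueError("no hosts measured")
    fields = ("missing_patches", "open_vulns", "network_services")
    totals = {f: sum(getattr(s, f) for s in scans) for f in fields}
    per_host = {f: totals[f] / len(scans) for f in fields}
    worst = max(scans, key=lambda s: s.missing_patches + s.open_vulns)
    return {"hosts": len(scans), "totals": totals,
            "per_host": per_host, "worst": worst.host}

def _hours(start, end):
    return (end - start).total_seconds() / 3600

def response_times(events, now):
    """Mean hours per stage. Open events are aged up to `now` rather than
    dropped, so an unmitigated vulnerability cannot flatter the average."""
    if not events:
        raise ValueError("no events recorded")
    n = len(events)
    return {
        "identify_h": sum(_hours(e.published, e.identified) for e in events) / n,
        "categorize_h": sum(_hours(e.identified, e.categorized) for e in events) / n,
        "mitigate_h": sum(_hours(e.categorized, e.mitigated or now) for e in events) / n,
        "still_open": [e.ident for e in events if e.mitigated is None],
    }

# Constructed sample data (not real hosts or vulnerabilities).
SCANS = [
    HostScan("web-01", 4, 6, 9),
    HostScan("db-01", 1, 2, 3),
    HostScan("hr-laptop-07", 7, 10, 12),
]
EVENTS = [
    VulnEvent("VULN-A", datetime(2024, 1, 1, 0), datetime(2024, 1, 1, 6),
              datetime(2024, 1, 1, 12), datetime(2024, 1, 3, 12)),
    VulnEvent("VULN-B", datetime(2024, 1, 2, 0), datetime(2024, 1, 2, 12),
              datetime(2024, 1, 3, 0), None),
]
NOW = datetime(2024, 1, 5, 0)

if __name__ == "__main__":
    print(susceptibility(SCANS))
    print(response_times(EVENTS, NOW))
```

Tracking the same figures at each measurement interval shows whether the targets set for system owners are being met.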
It is apparent that information technology managers face a number of cyber security vulnerabilities in organizations across the world. The single most important cyber security vulnerability facing information technology managers is the deployment of patch applications to prevent the impacts of emerging vulnerabilities. The deployment of patch applications has proved effective in protecting the computer systems and servers of some organizations. However, many organizations have found the patch application to be ineffective because of the installation cost and insufficient knowledge among computer experts. Some malicious intruders may be able to access the organization's resources by using the organization's own patch applications. Patch applications may also be ineffective because of delays in deployment, which may result from thorough testing, regulations and procedures within organizations, as well as the high costs incurred. Therefore, information technology managers in various organizations have faced problems while attempting to ensure that patch applications protect their organizational resources effectively. The American federal government should implement a number of actions as mitigation strategies against the cyber security vulnerabilities that arise from the use of patch and vulnerability management applications. The first action is the creation of a patch and vulnerability group, which will facilitate patch recognition and distribution within any organization. The second action is using automated patch application tools to hasten the distribution of patches to systems. The third action is the deployment of enterprise patch management applications in phases. The fourth action is to implement the assessment and mitigation of the risks associated with the deployment of enterprise patch management applications. The last action is to determine the effectiveness of the patch and vulnerability program consistently and apply remedial actions appropriately.