Better to be secure, or to feel secure?

GCN Insider | Survey says 99 percent of CIOs, CISOs feel more secure this year than last

Matt Mosher

A recent customer survey by Patchlink of 250 chief information officers and chief information security officers contained some good news: 99 percent of respondents said they feel more secure this year than last. This is an increase from 92 percent who said they felt more secure last year than the year before.

This is an unexpected item, considering the gloom and doom that generally accompanies information technology security assessments; most trends seem to indicate that we're on a highway to hell.

'That's a little surprising,' said Matt Mosher, Patchlink's senior vice president for the Americas. Like any statistic, this one is open to interpretation. 'I don't think it means 'I am secure, but 'I feel more secure,' ' he said. It is a subjective assessment, and Mosher speculated it might be driven in part by a feeling among CIOs and CISOs that they should be getting some return on all that money they have been spending on security.

One thing they apparently have to feel more secure about is the fact that 99 percent of respondents ' we don't know if it is the same 99 percent ' also said they are sending critical updates and patches to their IT systems within eight hours. Twenty-nine percent are getting them out within two hours. That's about double the number reporting those response times last year.

Processes for patch management are improving, Mosher said, and administrators are moving patches out more aggressively. This is at least partly because of a growing confidence in tools that scan for vulnerabilities and test patches on specific

This is more good news, but as anyone who has ever been in an orchard knows, once you pick the low-hanging fruit, you find another one hanging right above it. Now that patching is under control, the greatest security concern reported in the survey is zero-day vulnerabilities, those problems for which no patch is available. It's always something.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected