Better to be secure, or to feel secure?

GCN Insider | Survey says 99 percent of CIOs, CISOs feel more secure this year than last

Matt Mosher

A recent customer survey by Patchlink of 250 chief information officers and chief information security officers contained some good news: 99 percent of respondents said they feel more secure this year than last. This is an increase from 92 percent who said they felt more secure last year than the year before.

This is an unexpected item, considering the gloom and doom that generally accompanies information technology security assessments; most trends seem to indicate that we're on a highway to hell.

'That's a little surprising,' said Matt Mosher, Patchlink's senior vice president for the Americas. Like any statistic, this one is open to interpretation. 'I don't think it means 'I am secure, but 'I feel more secure,' ' he said. It is a subjective assessment, and Mosher speculated it might be driven in part by a feeling among CIOs and CISOs that they should be getting some return on all that money they have been spending on security.

One thing they apparently have to feel more secure about is the fact that 99 percent of respondents ' we don't know if it is the same 99 percent ' also said they are sending critical updates and patches to their IT systems within eight hours. Twenty-nine percent are getting them out within two hours. That's about double the number reporting those response times last year.

Processes for patch management are improving, Mosher said, and administrators are moving patches out more aggressively. This is at least partly because of a growing confidence in tools that scan for vulnerabilities and test patches on specific
configurations.

This is more good news, but as anyone who has ever been in an orchard knows, once you pick the low-hanging fruit, you find another one hanging right above it. Now that patching is under control, the greatest security concern reported in the survey is zero-day vulnerabilities, those problems for which no patch is available. It's always something.

About the Author

William Jackson is a Maryland-based freelance writer.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected