Many organizations appreciate the regularity of Patch Tuesday to better prepare and execute patch deployment. However, few organizations use the time prior to Patch Tuesday to efficiently prepare systems and people for rapid deployment. In 2005, the industry average to fully deploy a new critical security patch was a full 30 days. With the rise of zero-day threats and the release of out-of-cycle patches, administrators need a plan for handling emergency policy and patch updates.
Although the most damaging viruses and worms can penetrate critical systems in a matter of seconds, it isn't necessary to sacrifice an ounce of your company's critical data to one of these attacks. Organizations can escape the wrath of even the most tenacious worms and viruses provided two key ingredients are in place: a standardized, documented process for patch and vulnerability management and the right people working together around this process.
Security and vulnerability patching has become one of the top concerns for IT managers, but has also left many IT teams fighting a losing battle as the job of patching competes with daily system maintenance and security tasks.