Security Patch Management is one of the biggest cybersecurity and compliance challenges for IT organizations today. History reveals that many data breaches were successful because of vulnerabilities associated with missing security updates. Patching is complex, people expensive, and time-consuming. Further, the frequency and scope of patching continues to grow creating more risk.
This session presents a new approach to security patching by incorporating Agile and NIST best practices methodologies. Useful tools and techniques are discussed to help IT and Security teams better collaborate with this important recurring operations duty. Attendees will gain the following insights:
- Agile for Operations framework
- Key guidance from NIST SP 800-40 Creating A Patch and Vulnerability Management Program
- Essential People, Process, and Technology for recurring patching services using Agile
- Patch Backlog Management
- Collaborating using Scrum and Sprint approach
Technical Level: Medium