Priorities for Exposure Management, Chris Goettl, VP Security Product Management, Ivanti
See more insights into exposure management strategy and IT/security alignment in Ivanti’s research report: Secure Unified Endpoint Management.
Chris Goettl, Ivanti's VP of Security Product Management shares best practices for secure unified endpoint management and explains why organizations should focus on exposure management to effectively mitigate risks.
Historically, there is tension between security and IT priorities when it comes to patching. While security focuses on addressing potential vulnerabilities immediately, IT's primary mandate is to ensure the business stays operational. By clearly articulating the roles and responsibilities of these two groups, organizations can eliminate duplicate work and integrate processes and technologies to streamline operations.
To effectively manage patching, Goettl suggests organizations adopt a dual-track approach:
· The first track involves regular monthly maintenance, where systems receive scheduled updates within a scheduled window.
· The second track is a continuously running process that focuses on priority updates, such as browser updates, to address critical vulnerabilities promptly.
By implementing these two tracks, organizations can strike a balance between regular maintenance and rapid response, ensuring comprehensive patch management.
This two-track approach emphasizes the importance of shifting the key performance indicators (KPIs) you use to measure actively exploited vulnerabilities to focus on critical vulnerabilities to be urgently addressed and other ongoing exposure maintenance and management.
Reevaluating your processes and KPIs in this way allows organizations to prioritize their patching efforts effectively and consistently meet or exceed their compliance numbers.
0:00 - Patch & Role Managagement
0:25 - Integration & Solution
1:16 - Evolution & Exposure
1:55 - Prioritization & System
2:42 - Shifting KPIs