科技报告详细信息
Optimizing Network Patching Policy Decisions
Beres, Yolanta ; Griffin, Jonathan
HP Development Company
关键词: network devices;    patching;    security analytics;    decision support;    vulnerability management;    policy;   
RP-ID  :  HPL-2009-153
学科分类:计算机科学(综合)
美国|英语
来源: HP Labs
PDF
【 摘 要 】

Patch management of networks is essential to mitigate the risks from the exploitation of vulnerabilities through malware and other attacks. However, by setting the patching policy for network devices, the IT security team often creates burdens for IT operations or disruptions to the business operations. Different patch deployment timelines could be adopted with the aim of reducing this operational cost, but care must be taken not to substantially increase the risk of potential emergency disruption from exploits and attacks. In this paper we explore how the IT security policy choices regarding patching timelines can be made in terms of economically-based decisions, in which the aim is to minimize the expected overall costs to the organization from patching-related activity. We introduce a simple cost function that takes into account costs incurred from disruption caused by planned patching and from expected disruption by an emergency. We apply a system modelling and simulation approach to produce results that show disruptions caused under changing patch deployment timelines, and use the results together with the cost function to identify the optimal patching timelines. The results from this work can be easily applied by IT security policy decision makers to choose the network patching policy that is optimal for their organization and reflects their risk appetite and network emergency tolerance level.

【 预 览 】
附件列表
Files Size Format View
RO201804100001247LZ 1215KB PDF download
  文献评价指标  
  下载次数:9次 浏览次数:22次