NIST Publishes 2 Final Documents on Patch Management

1 min read

The National Institute of Standards and Technology has published two new documents underscoring the necessity of timely patching to ensure organizations continue to have a strengthened cybersecurity posture.

The National Cybersecurity Center of Excellence said Wednesday one final publication, “Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology”, recommends creating and implementing a strategy for simplifying and running patches and lessening risks related to doing computer preventive maintenance efforts.

The mentioned NIST Special Publication 800-40 Revision 4 is meant for organization leadership, business owners and security or technology management groups. The guide was initially released in 2013.

Another final publication is NIST SP 1800-31 titled “Improving Enterprise Patching for General IT Systems: Utilizing Existing Tools and Performing Processes in Better Ways”. It offers more information on how to enhance the use of patching capabilities, building upon the SP 800-40 Revisions 3 and 4 work.

In addition, the release tackles patching situations where commercial tools were used for routine and emergency maintenance, as well as presents temporary patching alternatives.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Cybersecurity

The Ultimate Guide to Winning Government Contracts Let us show you how top executives are winning so you can replicate it