In the past two weeks, all we hear are #WannaCry, #WannaCrypt, and the world’s biggest cyberattack.
However, eventually, protecting against these and other malware, is still a good Patch Management process. Nothing more. No extra security tools and no extra cost investments.
So with no further due, just invest in good practices. Govern your IT and Security processes and you will “Protect What Matters” so much more.
Use COBIT 5 process model as reference. AI3.3 – Infrastructure Maintenance overview (e.g. ISACA Members knowledge center) will give you the frame in which you can and should adjust your process to meet your own stakeholder’s needs and objectives. There is No need to invent the wheel all over.
The Configuration Management using COBIT 5 will do the same with a broaden business view and much more overall insights, figures and implementation steps.
Don’t rush to add tools. Improve your security processes with better business governance. You will probably gain much more protection where it matters.
Feel free to contact for deeper advisory.