But it appears that one of the main reasons for malware, rent somewhere, and other dubious software is able to spread so quick within organizations is due to the fact that systems call police servers are not updated
It was one of the most effective countermeasures against this be very simple: just have yourself updated regularly in order to avoid attacks
For unknown reasons this seems to be very difficult in organizations
Went with client main argument is to fire their see ISO and a lot of times under the argumentative breach of contract and endangering the Business continuity of the organization I work for
A lot of times the customers I speak to in such blatant terms go ballistic pretty quickly, but after interviewing their CISO the stumbling of that person and their difficulties about getting straight answers to rather simple questions kind of proves the point.
Today, there is no good reason on the planet have unpatched Systems running in organization.
I will give credit for the argument that the suffering question is no longer maintained in update cycles by the distributor; in this case however it is best practice to isolate such software within virtualized environments.
That way conductivity of the software to the Internet can be limited, and the threats of infection significantly reduced while not entirely eliminated.
Having said that: let’s going to the protocol part and why that is so important.
A protocol of software updates, and patches installed on systems allows any person replacing the chief information security officer in the future to see what progress has been made and whether the systems are and a good state.
Further, the systems can be adjusted in such a way that they will allow for the Single page report that the chief information security officer can present in board meetings and associated get-togethers.
Now, policy should be that all systems are updated as fast as humanly possible to ensure that the organizations IT infrastructure remain resilient to outside threats. I know, that this does not always work out, and that the term as fast as humanly possible is relative of sort. And yes, there will always be arguments against the fact that a piece of software has not been updated in time.
Anyhow, if you need help with this or other issues please feel free to reach out.