Cisco has announced its regular patch cycle, just like Microsoft. There is just a "small" difference between each company's process: Cisco is planning to release patches only twice an year. What these people need to understand is that vulnerability management is not exactly like change management. Some people believe that long change cycles are a good sign of mature change management. Ok, it may be, but for vulnerabilities the problem is quite different. While you can have a good perception of the probability of a common error has to cause you problems, it's almost impossible to have the same number about a vulnerability. Not only that you can't have this number, it's also not under your control! That makes vulnerability patching a different kind of change, that needs to be released as soon as possible.
Cisco patch cycle
Cisco patch cycle
Cisco patch cycle
Cisco has announced its regular patch cycle, just like Microsoft. There is just a "small" difference between each company's process: Cisco is planning to release patches only twice an year. What these people need to understand is that vulnerability management is not exactly like change management. Some people believe that long change cycles are a good sign of mature change management. Ok, it may be, but for vulnerabilities the problem is quite different. While you can have a good perception of the probability of a common error has to cause you problems, it's almost impossible to have the same number about a vulnerability. Not only that you can't have this number, it's also not under your control! That makes vulnerability patching a different kind of change, that needs to be released as soon as possible.