Have you noticed how anyone who has a relationship with network security does nothing but kowtow to Microsoft every second Tuesday of the month? Yes, it's what we call Patch Tuesday, sometimes referred to as Black Tuesday. If you are reading this blog you are probably all too familiar with what I’d like to call Monthly Suck Your Resources Dry Day.
The Monday before, my team and I hubbub about the expected patches. We usually touch base with VERT to ensure they have all their resources for the late night and we plan on a good, healthy night's sleep. No sitcoms that night for me – early to bed, early to rise.
On Tuesday, I’m in the office right at 7AM. Check all the regular daily reports and clear out the Inbox. Come 10AM, you’ll find me hitting reload in Firefox waiting in earnest to read the security bulletins. I’ll spare you all the boring details of our testing and deployment procedures, but you can bet that by 5PM, we’ve tested and approved every patch deemed critical.
In the past year, I’ve noticed a significant amount of resources worldwide dedicated to this day. For example, emails to some security lists take a sudden lull (while other message channels increase in chatter) and the number of Microsoft-related news articles goes through the roof.
So for this week’s Patch Tuesday, I documented a few statistics.
Email Activity
A popular CISSP email list typically experiences a significant drop in traffic prior to and on Patch Tuesdays.
Here I have graphed the number of email messages every Tuesday for the last 11 weeks. Marked with red are Patch Tuesdays.
News Articles
This graph depicts news articles containing Microsoft for the past 3 weeks. The obvious largest column would be this week.
So what’s the point?
If these statistics show anything, it’s that significant portions of our security and news industries all focus on Microsoft every second Tuesday of each month. We talk about the price of patches to deploy and not to deploy for that matter. But we don’t talk about the money a single company can inadvertently draw by forcing us all to pay attention every month. Who knows, maybe it was Microsoft’s plan all along to release products needing updates every month. What a great marketing tactic.
Comments (1)
Hey dude,
An interesting post, but something else is probably worth considering here... these stats probably generalize to any company that releases all of their patches at once (e.g. Oracle).
Also, this one makes sense, given the monoculture that is Microsoft and its impact on our environment - I'd imagine that we see a similar drop in activity on DBA lists on days when Oracle releases a patch.
-Mike
Posted by mmurray | November 16, 2006 10:56 AM