For the first time in eight years, the National Institute of Standards and Technology has updated its guidelines for agencies to protect their network systems.
“Vulnerabilities in software and firmware are the easiest ways to attack a system, and the two revised publications approach the problem by providing new guidance for software patching and warding off malware,” reads a NIST release.
The previous guide for software patching was released so long ago that patching was a manual process at the time. The new “Guide to Enterprise Patch Management Technologies” is designed to take into account the now-common automated patch management systems. It “explains the technology basics and covers metrics for assessing the technologies’ effectiveness,” according to the release.
The other “Guide to Malware Incident Prevention and Handling for Desktops and Laptops,” was updated to address the exponential rise and ubiquity of social media.
“The second security document provides guidance to protect computer systems from malware — malicious code,” the release reads. “Malware is the most common external threat to most systems and can cause widespread damage and disruption.”