Importance of patching emphasised as need for education stressed
Stuart Okin, managing director of Comsec Consulting, claimed that developers should include the ability to protect and repair vulnerabilities in order to offer a consistently secure product.
Okin said: “Everybody should be following Microsoft's and Oracle's lead for updates. What I don't understand is when you release a product you don't offer an ability to patch. If I'm bringing out a desktop application why don't I offer the ability to protect it?
“Applications must have the ability to be protected, if they are connected to the internet they need to be updated. How popular an application is depends on how much you need to update.”
Okin, who was previously chief security officer at Microsoft, admitted that there was a need for the software giant to patch its vulnerabilities on a regular basis as its technology is often older, but that its routine of fixing and patching was very good.
However he claimed that the level of education in companies on patching is not present due to it not being taught at further education. “Lessons need to be taken into every company but it is not happening, and also there needs to be an education level in universities and colleges, but we need to do more,” said Okin.