As cyberattacks continue to increase in frequency and sophistication, MacEwan must expand its information security program to counteract and defend itself from these attacks. One cyberattack technique is the leveraging of vulnerabilities that may exist in systems, networks and applications to gain unauthorized access to those IT resources. The intent of the Vulnerability and Patch Management Standard is to reduce the likelihood and consequences of vulnerabilities being used by cyber criminals as an attack vector. This requires regular patching of IT resources and scanning to detect and remediate weaknesses.

The standard has been updated to include requirements for penetration testing, scanning, patching cycles and vulnerability remediation targets. As well, the requirement for a formal process to be followed by application owners and administrators when the patching targets cannot be met. If your administrative unit or academic department has responsibility for any IT applications or systems, you will need to be familiar with the objectives of this standard.

ITS will be working closely with application owners and administrators to meet these requirements as part of our mandate to maintain a strong, agile and diligent approach to cybersecurity. Stay tuned – we will be in touch.

From Information Technology Services