GovWhitePapers Logo

Sorry, your browser is not compatible with this application. Please use the latest version of Google Chrome, Mozilla Firefox, Microsoft Edge or Safari.

Critical Cybersecurity Hygiene: Patching the Enterprise

Cyber hygiene describes recommended mitigations for the small number of root causes responsible for many cybersecurity incidents. Implementing a few simple practices can address these common root causes. Patching is a particularly important component of cyber hygiene, but existing tools and processes are frequently insufficient to rapidly mitigate this risk in many environments and situations. The objective of this project is to demonstrate a proposed approach for improving enterprise patching practices for general IT systems. Commercial and open source tools will be used to aid with the most challenging aspects of patching, including system characterization and prioritization, patch testing, and patch implementation tracking and verification. These tools will be accompanied by actionable, prescriptive guidance on establishing policies and processes for the entire patching life cycle, in the form of a freely available NIST Cybersecurity Practice Guide.


Interested in cybersecurity? Check out this GovWhitePapers blog post! You can also find events on cybersecurity on our sister site, GovEvents.


  • Author(s):
  • Murugiah Souppaya
  • Kevin Stine
  • Mark Simos
  • Sean Sweeney
  • Karen Scarfone
  • Share this:
  • Share on Facebook
  • Share on Twitter
  • Share via Email
  • Share on LinkedIn
Critical Cybersecurity Hygiene: Patching the Enterprise
  • White Paper
Website:Visit Publisher Website
Publisher:National Institute of Standards and Technology (NIST)
Published:March 1, 2020
License:Public Domain

Featured Content

Contact Publisher

Claim Content