Patch management is an important component of an overall ICS security program. In some cases, the only mitigation for a discovered vulnerability is to install a software patch provided by the supplier. However, patch management in an ICS is challenging in that deploying patches can introduce risk – sometimes more risk than the risk of the vulnerability the patch addresses. ICS patch management policies and procedures need to balance the need for system reliability with the need for system security.

aeSolutions can assist in the development and implementation of an ICS patch management program and the deployment of patch management software to assist organizations in meeting the requirements set forth in ICS cybersecurity standards such as ISA/IEC 62443 and NERC CIP.