Federal patch service to stop

After a year spent helping federal agencies patch their insecure operating systems, government officials say they plan to leave that role to others.

This week, DHS officials said that the department will get out of the business of distributing security patches because the private sector is better at it than the federal government. Lawrence Hale, deputy director of the United States Computer Emergency Response Team, could not say exactly when the department would stop offering a service called Patch Authentication and Dissemination Capability (PADC). But he suggested that agencies would soon have to find commercial alternatives to the government's free service. Forty-seven federal agencies now use it.

When the federal government began planning the patch distribution service more than three years ago, Hale said that the idea of offering patch management assistance was ahead of its time. But by the time the government had awarded a contract to a company that could provide the service, other commercial alternatives had surpassed the limited offering that the government had contracted.

Many companies now sell patch management as part of an integrated configuration management service that includes vulnerability scanning, patch installation and asset management. The PADC service is for patch installation only. Agencies that use the free service buy the other services separately if they want them, but at prices that are often higher than those of the integrated commercial packages, Hale said.

General Dynamics Corp. and its Veridian Corp. subsidiary provide the government's patch management service under a $10 million contract.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.