This year marks 20 Years of Cybersecurity Awareness Month. In the coming weeks we will be highlighting ISC2 Member Voices with a focus on the following key behaviors: updating software, enabling multi-factor authentication, using strong passwords and a password manager and recognizing and reporting phishing.


Updating Software - Tejpal Garhwal, CISSP, CCSP


Hello there, cybersecurity enthusiasts and the keepers of the flame! I would like to shed some light on something that often gets overlooked or procrastinated yet is critical in our digital lives, software upgrades. As someone who has spent a great amount of time consumed in the world of software engineering and security, I've come to recognize the great impacts these upgrades have on our devices and applications, and for the overall security and functionality of our digital ecosystems.

Consider this, what happens when you don’t do the upkeep of your house? It deteriorates, decreases in value, can cause health and safety risks, may increase the cost of maintenance, could add in the possibility of facing legal issues, it becomes aesthetically unpleasant to live in and possibly energy inefficient. So, what do you do to avoid getting into these unwelcome outcomes? You conduct regular maintenance, address issues as they arise and stay proactive.

Let's be honest with ourselves, we've all been guilty of ignoring those annoying software update notifications that show up when we expect them the least. Our reaction to these situations is commonly to select "remind me later" with hope, but actually procrastination, of getting to it later. However, those updates are more than simply minor annoyances, they are critical to the health and performance of our gadgets (may it be for a device or enterprise software updates).

When it comes to protecting against potential threats and maintaining a functional, safe environment, securing a home and keeping software updated have striking similarities. Let's dive deeper into this analogy to see where the two interconnect:

Security Measures <> Locks and Doors:

Secure Home: The first line of defense for a home is locks and strong doors. They deter potential intruders and prevent unauthorized access, thereby improving overall security.

Software Updates: Encryption, firewalls, and access controls act as locks and doors in the digital realm. Regular software updates serve as security enhancements, repairing vulnerabilities and fortifying digital locks to protect against cyber threats.

Maintenance <> Bug Fixes:

Secure Home: Routine maintenance of a house is necessary to fix any wear and tear, leaks, or structural issues that might compromise its safety and integrity.

Software Updates: Regular software updates serve as maintenance for digital systems, addressing bugs, glitches, and errors that could impact the performance or security of the software. They keep the system functioning optimally and securely.

Renovations and Improvements <> New Features:

Secure Home: We often renovate our houses to enhance functionality, improve aesthetics, or address changing needs. These renovations can include adding security systems, energy-efficient features, or home automation for convenience.

Software Updates: Software updates not only fix issues, but also introduce new features and improvements. Developers use updates to add functionalities, improve the user experience, and adapt to evolving technological trends, making the software more efficient and effective.

Security Services <> Antivirus and Security Software:

Secure Home: We may invest in security services like alarms, cameras, or security personnel to monitor and protect their homes actively.

Software Updates: Security software and antivirus programs act as a digital equivalent to security services for a house. Regular updates to these applications ensure they are equipped to detect and mitigate the latest cyber threats effectively.

In today's world, where our personal and professional lives are deeply intertwined with technology, it's essential to be proactive in managing our digital tools. Just as you wouldn't leave your house vulnerable to intruders, keeping your software updated is vital to protect against digital threats.

So, the next time that update notification appears on your screen, don't delay it. Embrace it and appreciate the effort developers put into making your digital world safer, faster, and more functional. Stay updated, stay secure, and make the most of your digital journey!

Tejpal Garhwal, CISSP, CCSP is the Director of Application Security responsible for the strategic direction, vision and maturity of secure applications development at Pegasystems, Inc. In his role, he is focused on evolving the application security program and responsible for the overall DevSecOps program along with the execution of other initiatives aimed at secure coding, awareness, static code analysis, software composition analysis, penetration testing, metrics, governance, risk and compliance and more.