{"id":"https://openalex.org/W2031920777","doi":"https://doi.org/10.1109/ms.2003.1159029","title":"Reducing Internet-based intrusions: Effective security patch management","display_name":"Reducing Internet-based intrusions: Effective security patch management","publication_year":2003,"publication_date":"2003-01-01","ids":{"openalex":"https://openalex.org/W2031920777","doi":"https://doi.org/10.1109/ms.2003.1159029","mag":"2031920777"},"language":"en","primary_location":{"id":"doi:10.1109/ms.2003.1159029","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ms.2003.1159029","pdf_url":null,"source":{"id":"https://openalex.org/S6725529","display_name":"IEEE Software","issn_l":"0740-7459","issn":["0740-7459","1937-4194"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Software","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002219073","display_name":"Bill R. Brykczynski","orcid":null},"institutions":[{"id":"https://openalex.org/I4210138296","display_name":"Modus Operandi (United States)","ror":"https://ror.org/04b4pz972","country_code":"US","type":"company","lineage":["https://openalex.org/I4210138296"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"B. Brykczynski","raw_affiliation_strings":["Software Productivity Consortium","Software Productivity Consortium, Herndon, VA, USA"],"affiliations":[{"raw_affiliation_string":"Software Productivity Consortium","institution_ids":["https://openalex.org/I4210138296"]},{"raw_affiliation_string":"Software Productivity Consortium, Herndon, VA, USA","institution_ids":["https://openalex.org/I4210138296"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016224104","display_name":"Robert A. Small","orcid":null},"institutions":[{"id":"https://openalex.org/I4210138296","display_name":"Modus Operandi (United States)","ror":"https://ror.org/04b4pz972","country_code":"US","type":"company","lineage":["https://openalex.org/I4210138296"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R.A. Small","raw_affiliation_strings":["Software Productivity Consortium","Software Productivity Consortium, Herndon, VA, USA"],"affiliations":[{"raw_affiliation_string":"Software Productivity Consortium","institution_ids":["https://openalex.org/I4210138296"]},{"raw_affiliation_string":"Software Productivity Consortium, Herndon, VA, USA","institution_ids":["https://openalex.org/I4210138296"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5002219073"],"corresponding_institution_ids":["https://openalex.org/I4210138296"],"apc_list":null,"apc_paid":null,"fwci":2.3034,"has_fulltext":false,"cited_by_count":38,"citation_normalized_percentile":{"value":0.91512522,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"20","issue":"1","first_page":"50","last_page":"57"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9758999943733215,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9750999808311462,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6081573367118835},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5553808212280273},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5280112624168396},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5089733600616455},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.44290050864219666},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.43867671489715576},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.43791717290878296},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3753902316093445},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.33731481432914734},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.33324509859085083},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.27547335624694824},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.23175325989723206},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.16178181767463684}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6081573367118835},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5553808212280273},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5280112624168396},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5089733600616455},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.44290050864219666},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.43867671489715576},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.43791717290878296},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3753902316093445},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.33731481432914734},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.33324509859085083},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.27547335624694824},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.23175325989723206},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.16178181767463684},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ms.2003.1159029","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ms.2003.1159029","pdf_url":null,"source":{"id":"https://openalex.org/S6725529","display_name":"IEEE Software","issn_l":"0740-7459","issn":["0740-7459","1937-4194"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Software","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W1582234216","https://openalex.org/W1955934323","https://openalex.org/W1979820341","https://openalex.org/W1989449504","https://openalex.org/W2109914336","https://openalex.org/W2142141201","https://openalex.org/W2622521746","https://openalex.org/W6676427759"],"related_works":["https://openalex.org/W2120971814","https://openalex.org/W2033357182","https://openalex.org/W4310892428","https://openalex.org/W4232424383","https://openalex.org/W2303053547","https://openalex.org/W2777401565","https://openalex.org/W322391649","https://openalex.org/W4313041944","https://openalex.org/W3123267782","https://openalex.org/W1502752702"],"abstract_inverted_index":{"The":[0,116,137],"Software":[1],"Productivity":[2],"Consortium":[3,114],"(the":[4],"Consortium)":[5],"has":[6],"been":[7],"investigating":[8],"methods":[9],"for":[10,83,118],"improving":[11],"and":[12,24,29,31,47,55,77,103],"measuring":[13],"four":[14],"essential":[15],"defenses":[16,37,72],"against":[17,33],"Internet-based":[18,152],"threats:":[19],"security":[20,45,100,120,130],"patch":[21,101,121],"management,":[22,102],"system":[23],"application":[25],"hardening,":[26],"network":[27],"reconnaissance":[28],"enumeration,":[30],"tools":[32],"malicious":[34],"software.":[35],"These":[36],"increasingly":[38],"are":[39,73],"critical":[40],"to":[41,68,78],"an":[42,52,80],"organization's":[43],"information":[44],"posture":[46],"should":[48,62],"be":[49],"implemented":[50],"in":[51,94,111,125,140,146],"effective,":[53],"systematic,":[54],"repeatable":[56],"fashion.":[57],"Senior-level":[58],"managers":[59],"or":[60],"executives":[61],"review":[63],"process":[64],"measurement":[65],"data":[66],"regularly":[67],"ensure":[69],"that":[70],"these":[71,98],"being":[74],"performed":[75],"properly":[76],"provide":[79],"objective":[81],"basis":[82],"organizational":[84],"improvement.":[85],"This":[86],"article":[87,142],"focuses":[88],"on":[89],"lessons":[90],"learned":[91],"implementing":[92],"improvements":[93],"the":[95,126,134,149],"first":[96],"of":[97],"defenses,":[99],"is":[104],"derived":[105],"largely":[106],"from":[107,151],"pilot":[108],"projects":[109],"conducted":[110],"collaboration":[112],"with":[113],"members.":[115],"need":[117],"improved":[119],"management":[122],"figured":[123],"prominently":[124],"recent":[127],"draft":[128],"cyber":[129],"strategy":[131],"issued":[132],"by":[133],"White":[135],"House.":[136],"practices":[138],"examined":[139],"this":[141],"can":[143],"assist":[144],"organizations":[145],"substantially":[147],"reducing":[148],"risk":[150],"compromises.":[153]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2017,"cited_by_count":5},{"year":2016,"cited_by_count":5},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":4},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}