Patch Management
E1. Maritime security, geopolitics and risk
Definition
Cyber-control practice for shipboard systems.
Patch management is the disciplined process of tracking, testing, and applying software and firmware updates that close known vulnerabilities, which are indexed by CVE identifiers. On ships it is harder than ashore: many OT components run unsupported operating systems, vendors must approve changes to type-approved navigation equipment, and patches often arrive on removable media or over a thin satellite link. Programs therefore prioritize by exploitability and criticality, test offline, and document deferrals. Sound patch management is a named control under IMO MSC-FAL.1/Circ.3, the BIMCO guidelines, and ISO/IEC 27001, and is what turns vulnerability awareness into reduced risk.
Source: IMO MSC-FAL.1/Circ.3, 5 July 2017; ISO/IEC 27001:2022 Annex A technical-vulnerability management