Federal Managers struggle with patching and compliance, a survey reports:

According to a survey of federal security managers published by Intelligent Decisions, the top concerns facing federal networks are patching, network compromises, and compliance with the Federal Information Security Management Act (FISMA). Almost half the respondents said the private sector should improve the quality assurance of their softwares. Federal managers often lack both the labor and money to meet FISMA requirements, especially managers with budgets of less than $500,000. Managers spend an average of three hours each day on compliance rather than strategic security planning. The survey finds that as managers' budgets increase, the amount of time necessary for compliance decreases: managers with less that $500,000 spent 45% of their time on compliance, while those with budgets over $10 million only spent 27%. The survey is based on telephone conversations with 25 of 117 federal security managers.