A global survey of IT professionals shows they have
redoubled their efforts to immediately neutralise exposed
vulnerabilities. This firefighting activity takes precedence even
over such security threats as
hackers,
spyware and malware.
Security firm
PatchLink interviewed 250 CIOs, CSOs, IT managers and network
administrators across Europe, Asia Pacific and the US. They were
questioned about attitudes to security and vulnerability
management.
Zero-day vulnerabilities were considered the top security
concern by 54% of IT professionals. This year 29% of organisations
were deploying critical updates within two hours compared with14%
last year. An impressive 70% complete the update within eight hours
compared to just 39% last year.
IT security analyst Charles Kolodgy, research director at
IDC, said the results indicate a heightened fear and vigilance
about zero day attacks. "The prospect of zero-day attacks is
extremely troubling for everyone. Financially motivated attackers
are creating customised, sophisticated malware designed to exploit
unpublished application weakspots in specific applications before
they can be fixed. They'll exploit any IT department without the
resources to defend itself," Kolodgy said.
Hackers are the second biggest security concern (35%) followed
closely by malware/spyware (34%).
Anti-virus software market grows >>
New hacking technique exploits common programming
error >>
Internet Explorer security learning guide
>>
Comment on this article:
computer.weekly@rbi.co.uk