A global survey of IT professionals shows they have redoubled their efforts to immediately neutralise exposed vulnerabilities. This firefighting activity takes precedence even over such security threats as hackers, spyware and malware.
Security firm PatchLink interviewed 250 CIOs, CSOs, IT managers and network administrators across Europe, Asia Pacific and the US. They were questioned about attitudes to security and vulnerability management.
Zero-day vulnerabilities were considered the top security concern by 54% of IT professionals. This year 29% of organisations were deploying critical updates within two hours compared with14% last year. An impressive 70% complete the update within eight hours compared to just 39% last year.
IT security analyst Charles Kolodgy, research director at IDC, said the results indicate a heightened fear and vigilance about zero day attacks. "The prospect of zero-day attacks is extremely troubling for everyone. Financially motivated attackers are creating customised, sophisticated malware designed to exploit unpublished application weakspots in specific applications before they can be fixed. They'll exploit any IT department without the resources to defend itself," Kolodgy said.
Hackers are the second biggest security concern (35%) followed closely by malware/spyware (34%).
Comment on this article: firstname.lastname@example.org