PatchLink Year-End Survey Reveals Top Security Threats and Trends for 2007

David Bass
Thursday, 14 December 2006 05:02

Sydney  – December 14, 2006 – Organisations saw an increase in targeted attacks in 2006 and a new survey shows the majority of IT professionals (67 percent) expect even more zero-day threats in 2007. PatchLink Corporation, the global leader for security patch and vulnerability management solutions, today announced findings from a comprehensive customer survey addressing network attacks, Microsoft Vista and security plans for 2007. The survey was completed by more than 200 CIOs, CSOs, IT managers and network administrators across Europe, Asia Pacific and the United States. Network Attacks & VulnerabilitiesMore than half of respondents (59 percent) say their network was attacked by a virus in the past two years. And 51 percent confirm they’ve seen an increase in non-Microsoft vulnerabilities. In fact, an overwhelming majority of IT administrators (97 percent) feel Microsoft’s operating system is still the most prone to attack while 88 percent say their main security concern is protecting Internet Explorer.

Microsoft VistaMore than half of IT professionals surveyed (51 percent) feel Microsoft Vista will be a more secure operating system than Windows XP, yet only 44 percent plan to implement it at their organisations; 63 percent of those respondents will deploy it in the next year. That being said, IT administrators don’t anticipate that Vista will solve all of their security concerns as the majority of people (72 percent) feel the patch management process will remain the same with Vista as it is with Windows XP. In fact, 59 percent of respondents plan to use third-party solutions in addition to the built in security features of Vista. 2007 Security Predictions While 89 percent of executives say their organisation is more secure now than it was one year ago, IT professionals are not taking any chances as the survey shows 66 percent plan to spend more on security in 2007 than they did in 2006. Additionally, 67 percent of respondents anticipate an increase in zero-day threats next year.

29 percent of administrators say the zero-day increase is the primary issue driving their security budget, with regulatory compliance in second (23 percent) and 21 percent saying the growing mobile workforce is the number one factor influencing for their 2007 security budget.The abundance of security concerns is enough to keep IT professionals from getting a good night’s sleep. When asked what keeps them awake at night, it was a tight race between malware/spyware (36 percent), zero-day vulnerabilities (34 percent) and insider threats (33 percent).

“This study confirms what PatchLink has always known to be true, network attacks continue to be on the rise and security threats are part of the cost of doing business,” said Neal Gemassmer, Vice President Asia Pacific, PatchLink. “Organisations are realising that security is no longer just an IT problem, it’s now become a risk management issue.

Customers need to be proactive in establishing a layered approach to security that combines people, processes, and technologies that ensure they are taking every measure to protect their organisations from threats before they are attacked.”

About PatchLink Corporation

PatchLink® is the global leader for security patch and vulnerability management solutions, delivering comprehensive, multi-platform assessment and remediation for continuous protection across the enterprise. Offering the most comprehensive platform and application support, PatchLink maintains the largest tested and most up-to-date security patch repository, enabling organisations to accurately assess and remediate vulnerabilities based on established industry best practices. Currently protecting thousands of commercial and government organisations and millions of PCs and servers worldwide, PatchLink effectively eliminates vulnerability risks and enforces security and compliance policies while reducing overall IT costs.

PatchLink is headquartered in Scottsdale, Arizona and was founded in 1991by Sean Moshir.