IT: Zero-Day Vulnerabilities Most Critical

IT Professionals Consider Zero-Day Vulnerabilities to be the Most Critical Security Concern Facing Organisations Today

PatchLink Customer Survey Reveals that Controlling User Behavior and the Shrinking Window from Vulnerability to Exploit are the Key Challenges to Effective Vulnerability Management

Sydney, Tuesday, July 31, 2007—Zero-day vulnerabilities are the top security concern for the majority (54 percent) of IT professionals, according to the results of an annual customer survey conducted by PatchLink Corporation, a global leader in security and vulnerability management. The survey, completed by more than 250 CIOs, CSOs, IT managers and network administrators across Europe, Asia Pacific and the U.S. , revealed that hackers are the second biggest security concern (35 percent) followed closely by malware/spyware (34 percent).

“The prospect of zero-day attacks is extremely troubling for organisations of all sizes. Today’s financially motivated attackers are creating customised, sophisticated malware designed to exploit unpublished application vulnerabilities in specific applications before they can be fixed,” said Charles Kolodgy, research director at IDC. “The problem is compounded by the ever-present human element. User behavior is difficult to control, and many hackers rely on users’ lapses in judgment to carry out their malicious activity. They also prey on the fact that many IT departments are spread thin and simply do not have the resources necessary to proactively defend against zero-day threats.”

Improved Processes and Confidence

According to survey results, faster remediation and more comprehensive risk assessment and prioritisation help organisations proactively address these concerns. IT managers reacted far quicker to emergency patches this year as compared to last, as 29 percent of organisations deployed critical updates within two hours during 2007 compared to just 14 percent in 2006. Seventy (70 percent) of IT managers completed fire-drill remediations within eight hours in 2007 compared to just 39 percent during the previous year. In addition, many respondents (60 percent) supplemented their vulnerability management process to include both agent- and network-based vulnerability scanning. As a result, a vast majority (99 percent) of respondents say their organisations are as secure or more secure today than they were in 2006.

“In 2003 and then again in 2004, we were hit with devastating worms that exploited vulnerabilities in different applications before we could release the patches from our home-grown deployment process,” said Jim Czyzewski, senior information systems specialist responsible for desktop patch management at MidMichigan Medical Center in Midland, Mich. “Now we’re facing less-visible threats such as botnets and rootkits that are typically propagated through zero-day exploits. Effective vulnerability management is critical and serves as the first line of defense against these new stealthier attacks.”

No Silver Bullet

Despite improved vulnerability management, the survey reveals that the inability to effectively control user behavior and the shrinking time from vulnerability to exploit are the most significant challenges to combating zero-day threats. As a result, IT managers are trying to gain control through an increasing number of security products and time spent monitoring and setting policies. Fifty (50) percent of respondents said they have more than 10 agents currently installed to perform security and/or operations tasks. Most respondents (66 percent) said they spend an hour or longer every day monitoring security and IT consoles, administrating agents and updating security policies.

“While the overall survey results demonstrate the effectiveness of a sound vulnerability management solution—especially in the most critical situations—they also reveal a glaring need for continuous protection and a more consolidated security approach,” said Patrick Clawson, chairman and CEO of PatchLink. “By acquiring Harris STAT and SecureWave products, we are taking a significant step towards delivering a single platform for unified protection and control of all critical IT assets and data. This approach will reduce the number of agents that our customers have to manage, and enables them to remain completely protected from all malicious exploits – both known and unknown.”

ENDS

© Scoop Media