More zero day threats expected in 2007

Over two-thirds of IT professionals expect more zero day threat in 2007 than this year, according to a new survey.

The study of 235 IT professional across Europe, North America and Asia, carried out by vulnerability management company PatchLink, found that 67 per cent of respondents thought that next year would see hackers launch more zero day attacks.

More than half of respondents (59 per cent) said their network was attacked by a virus in the past two years. And 51 per cent confirmed they've seen an increase in non-Microsoft vulnerabilities. But almost all IT administrators (97 per cent) felt Microsoft's operating system is still the most prone to attack while 88 per cent said their main security concern is protecting Internet Explorer.

More than half of IT professionals surveyed (51 per cent) felt that Microsoft Vista will be a more secure operating system than Windows XP, yet only 44 per cent plan to implement it at their organisations; 63 per cent of those respondents will deploy it in the next year.

But IT administrators aren't anticipating that Vista will solve all of their security concerns as the majority of people (72 per cent) felt the patch management process will remain the same with Vista as it is with Windows XP. The survey found that 59 per cent of respondents planned to use third-party solutions in addition to the built in security features of Vista.

While 89 per cent of executives say their organisation is more secure now than it was one year ago, 66 per cent of IT professionals planned to spend more on security in 2007 than they did in 2006.

29 per cent of administrators said the zero-day increase is the primary issue driving their security budget, with regulatory compliance in second (23 per cent) and 21 per cent said the growing mobile workforce is the number one factor that will influence their 2007 security budget.

The survey also asked respondents what kept them awake at night. The research found that malware and spyware (36 per cent), zero-day vulnerabilities (34 per cent) and insider threats (33 per cent) were the main answers given.

Mike Wittig, President and CTO of PatchLink said that network attacks continued to be on the rise and security threats are "part of the cost of doing business."

"Organisations are realising that security is no longer just an IT problem, it's now become a risk management issue," he said. "Customers need to be proactive in establishing a layered approach to security that combines people, processes, and technologies that ensure they are taking every measure to protect their organisations from threats before they are attacked."

Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.