IT managers are reacting increasingly quickly to security issues, a survey has revealed.
Seven in 10 managers now deploy critical updates within eight hours, which is almost twice as many as last year.
And 29% implement patches in only two hours – more than double the number that achieved that response time in 2006.
The results come from a survey of 250 chief information officers, chief security officers, IT managers and network administrators across Europe, Asia Pacific and the US. The research was conducted by PatchLink, a manufacturer of security software.
Zero day vulnerabilities, where hackers exploit security issues on the day that they emerge, are the largest security concern, according to the survey, with 54% of IT chiefs citing them as their top worry.
Vendors are also tending to act more quickly with their security fixes, in the face of pressure from businesses and from a growing army of unofficial patchers.
In March, security vendor eEye Digital Security issued an unofficial patch to protect users of the Outlook Express email program, covering an area Microsoft had not tackled. Then the Zero Day Emergency Response Team unveiled another patch days later. In early April, Microsoft responded with its own patch after it admitted the problem had become too serious to ignore.
Charles Kolodgy, research director at IDC, said that businesses of all sizes faced zero day threats, and that the problem is worsened by a lack of resources to fight the problem.
He added: “User behaviour is difficult to control, and many hackers rely on users’ lapses in judgement to carry out their malicious activity.”
Two thirds of those surveyed said they spent more than an hour each day monitoring security, and half had over 10 programs installed to counter threats.