Organisations Not Keeping Up With New Security Threats

Over 73% of corporate network devices analysed by Dimension Data during 2010 were carrying at least one known security vulnerability. This is almost double the 38% recorded in 2009. The data also revealed that a single higher risk vulnerability – PSIRT 109444** – which was identified by Cisco in September 2009, was found in a staggering 66% of all devices, and was responsible for this jump.

These are some of the key findings in the Network Barometer Report 2011 published today by the global specialist IT services and solutions provider. The Report covers aggregate data compiled from 270 Technology Lifecycle Management (TLM) Assessments conducted in 2010 worldwide by the Group for organisations of all sizes across all industry sectors. It reviews the networks’ readiness to support business by evaluating the configuration variance from best practices, potential security vulnerabilities, and end-of-life status of those network devices.

“Given the pressure that organisations are under from regulatory bodies, consumers and their executive to protect customer information and privacy, as well as sensitive business information from both cyber criminals and competitors, it’s hard to believe that they would knowingly expose themselves to this level of risk”, says Neil Campbell. “The truth of the matter is that many organisations still don’t have consistent and complete visibility of their technology estates. In fact, previous research not related to the Network Barometer Report carried out by Dimension Data found that clients are unaware of as much as 25% of their networking devices.”

But it’s not all bad news. While discovery processes may be falling short of the market, Campbell said that apart from the one security vulnerability on 66% of devices, organisations are trying to up their game with regards to remediation. According to the Report, the TLM Assessment results showed that if PSIRT 109444 was taken out of the equation, organisations had patched fairly well: the next four vulnerabilities were found in less than 20% of all devices.