Home >> Security >> Hacking and Viruses

Zero-day attacks head list of security concerns

By: Mari-Len De Guzman On: 31 Aug 2007 For: CIO Canada Creator

Threats posed by zero-day vulnerabilities were ranked by global IT decision makers as their top security concern, according to a recent survey by security firm PatchLink.

Fifty-three percent of respondents put zero day vulnerabilities as the No. 1 security concern, followed by hackers, cited by 35 percent, and malware and spyware with 34 percent. PatchLink surveyed 250 customers worldwide, including CIOs, CSOs, IT directors and managers.

“The prospect of zero-day attacks is extremely troubling for organizations,” said Charles Kolodgy, research director for security products at IDC in Framingham, Mass. “Today’s financially motivated attackers are creating customized, sophisticated malware designed to exploit unpublished application vulnerabilities in specific applications before they can be fixed.”

Many IT departments are spread thin and lack the resources to proactively defend against zero-day threats, and attackers are using this to their advantage, said Kolodgy.

Brian Bourne, president of Toronto-based IT security consultancy CMS Consulting Inc., was surprised that zero-day vulnerabilities would concern many IT executives, as such exploits are typically used for targeted attacks.

Such concern may be out of lack of a complete understanding on how to protect against these threats, he noted. Bourne says that a defense-in-depth strategy is still “the right strategy” for protecting against zero-day exploits. He urged IT managers to subscribe to a vulnerability advisory list, so that they can get all updates on most recent zero-day discoveries. 070042

Sign up for our Newsletters

Tags: zero-day vulnerabilities

Close X

Your Name:

Your E-mail:

Friend's Name:

Friend's E-mail:

Close X

| Views: 517 | Rating:

(0 votes)

Rate this article on a scale of
1 to 5 stars,5 being the best.

Close X

Page 1

Quick Access

Video Conferencing Cloud Computing Resource Centre CIO Canada's Brainstorm Centre CIO Canada Debate

Mari-Len De Guzman is a contributor to the International Data Group (IDG) News Service, which publishes global technology stories from bureaus around the world to more than 300 publications in more than 60 countries.

Bullet-Point Brief: McAfee CEO's security snapshot

Dave DeWalt stops in Toronto to chat about escalating attacks, working with governments and the trouble with smart phones. Plus: Who’s responsible for defending America’s cyberspace?

Zero-day attack tops list of IT concerns

Enterprise companies say they lack the resources to proactively defend against an emerging breed of exploit, based on a recent survey. Experts offer tips on how to tackle the beast

Zero-day protection pointers

Industry analysts and security practitioners agree that the best way to protect against a zero-day threat is by instituting a defense-in-depth security strategy – layered protection from the firewall and network edge down to the host system. Security experts offer these recommendations for IT managers to consider when the organization is faced with a zero-day threat.

Why hack a Mac?
by joaquim p. menezes - remember charlie miller?

Cyber crooks getting cleverer
by joaquim p. menezes - several years ago, john roese – when he was chief technology officer of enterasys networks (he’s now cto of nortel) comme

blog comments powered by Disqus

Most Popular

Articles

Most Viewed
Most Emailed
Top Rated

Most Viewed
Most Emailed
Top Rated

Shaw wins Internet deal with city of WinnipegBy: Howard Solomon (16 May 2012)Shaw Communications has scored a big win in its campaign to extend its services to municipalities. The Calgary-based cableco won a bidding contest to ...
The cost of open data: A Canadian lawyer's analysisBy: Lou Milrad (14 May 2012)We’ve started hearing a lot over the last year or so about “open data”, particularly in the municipal sector. It’s all ab ...
Rogers offers lure to M2M developers By: Howard Solomon (11 May 2012)Network operators are always looking for ways to expand the way organizations can use their networks beyond voice and data centre traffic. To encour ...
Canadian employee survey indicates dark view of cloudBy: Shane Schick (16 May 2012)If Canadian enterprises are using cloud computing, their employees may be the last to know. A recent research bulletin from Toronto-based Pollara of ...
Researcher runs IP network over xylophonesBy: Joab Jackson (14 May 2012)NEW YORK -- Vint Cerf once wore a shirt that read "IP on Everything," a wry comment on the universatility of the Internet Protocol he helped invent, a ...

Cisco kills off Cius developmentBy: Paolo Del Nibletto (5/25/2012 11:56:00 AM)In a surprise move, Cisco Systems Inc. has confirmed it will no longer invest in developing the Cius tablet device running Android.The Cius tablet was ...
Microsoft's new server and tool upgrades and CIOsBy: Juan Carlos Perez and Chris Kanaracus (5/25/2012 10:21:00 AM)MIAMI -- CIOs and IT directors tracking the barrage of major upgrades for Windows and Office also need to stay tuned to the refresh cycle for Microsof ...
Microsoft clarifies tremendous Windows 8 claimsBy: Gregg Keizer (5/25/2012 9:21:00 AM)FRAMINGHAM, Mass. -- Reports earlier this week that Microsoft CEO Steve Ballmer predicted unprecedented sales of Windows 8 were wrong on multiple ...
How to make PHP apps scaleBy: Andrew Oliver (5/25/2012 9:14:00 AM)SAN FRANCISCO -- The power of PHP and an RDBMS is the ability to nail the major features of an application with cheaply paid developers in a reco ...
Funding rural broadband: Whatever it takesBy: Howard Solomon (5/25/2012 7:11:00 AM)For rural communities looking to get ultra-fast broadband speeds increasingly seen in cities, there’s only one obstacle: Money. Getting it is ...

VIDEO: Why IT pros need 'soft skills'By: Brian Bloom (23 May 2012)Unemployment in the high-tech sector is low. But are IT pros getting the jobs they want? Stafflink CEO Tim Collins explains why having impressive ...
Why integrate Wi-Fi radios into small cellular cellsBy: Ajay Kumar Gupta (15 May 2012)FRAMINGHAM, Mass -- (Gupta is team lead at Wesley Clover Communications Solutions, which develops solutions from Canadian companies -- including Mitel ...
CEOs demand CIOs prepare for growth and mobilityBy: Mark Chillingworth (15 May 2012)CEOs have shifted their position and are releasing funds to CIOs that have innovations for mobile users and revenue generation ideas, finds the CIO Su ...
EMC mega-launch targets hybrid cloud, big dataBy: Jeff Jedras (22 May 2012)LAS VEGAS – With nearly 15,000 attendees making this its biggest user conference, IT infrastructure vendor EMC Corp. has made its largest ...
Why Eugene Kaspersky has big problems with big dataBy: Jeff Jedras (22 May 2012)NASSAU, BAHAMAS – The big data drumbeat is becoming deafening in the technology sector as vendors and analysts rush aboard the latest trend. But ...

Related White Papers

Five Critical Rules for Firewall Management - Firewalls are the first line of defense for the network, but are time consuming and challenging to manage; learn the five critical rules for firewall management here.

Measuring Software Quality: A Study of Open Source Software - As part of a Department of Homeland Security (DHS) federally-funded analysis, a new baseline for security and quality in open source software has been established

Securing end-user mobile devices in the enterprise - Mobile devices, such as smartphones and tablets, add new security risks for organizations to mitigate. Learn the approaches to mitigating them, as well as how to control access and design and implement a security policy that incorporates mobility.

Dear Privacy Officer - the Nightmare Letter - Given the public's knowledge on the occurrence of privacy breaches brought about by reports in the media, and that in fact these may be underreported, companies should be prepared for Canadians exercising their right to inquire not only what an organization knows about them, but whether their personal information is at risk or has been exposed. Organizations would do well to be prepared for the receipt of the 'nightmare access letter' from an irate consumer who knows a little too much about privacy and information technology. This white paper provides an overview of the principles relating to safeguarding and access. In addition, it includes an example of an access letter, offered as a tool for C-level executives on the forefront of dealing with privacy breach fallout.

Preventing Data Leaks on USB Ports - This white paper explains how organizations can stop data leaks through storage devices attached to USB ports. Complimentary with registration.

more: White Papers

CIO Canada	ComputerWorld Canada	Network World Canada	Computer Dealer News	Direction Informatique	IT Business.ca
Click Here to Subscribe Now!

IT World Canada Curated
	Job and Career Resources • Canadian IT Jobs • IT Sales Jobs • Salary Calculator • Tech Learning Space	Knowledge Services • CDN ProFIT - Turnkey Marketing solutions • Visability • Knowledge Store
Subscribe Now- Register

Log In

Zero-day attacks head list of security concerns

Threats posed by zero-day vulnerabilities were ranked by global IT decision makers as their top security concern, according to a recent survey by security firm PatchLink.

Quick Access

Related Content

Related Videos

Most Popular

Related White Papers

Email
Password