Dimension Data, the global ICT solutions and services provider said that the number of devices on corporate IT networks carrying vulnerabilities has dropped from 75% in 2011 to 67% in 2012. While this is the lowest figure in two years, it highlights the on-going lax approach to security on the part of network managers.

This is one of the findings in Dimension Data’s 2013 Network Barometer Report published last week.

First published in 2009, The Network Barometer Report reports on the status of networks globally, aggregates data from organisations and the Technology Lifecycle Management Assessments conducted by Dimension Data around the world during the last year. The Report reviews networks’ readiness to support business by reviewing the security vulnerabilities, end-of-life status and configuration variance from best practice of network devices. Today, Dimension Data boasts over 1,200 Technology Lifecycle Management Assessments completed for organisations of all sizes from all industry sectors, and across all geographies over the past five years.

Raoul Tecala, Dimension Data’s Business Development Director for Network Integration says, “There are certain vulnerabilities that have been around for many years which have not yet been fixed – despite vendors like Cisco Systems’ proactive approach to patch alerts and on-going software and system upgrades.

“It can be a daunting and challenging task to eliminate all vulnerabilities from large and complicated environments. However, the disruption and effort required must be weighed against the potential impact and actions that must be taken. Although networks currently appear to have fewer vulnerabilities – the high percentage of devices carrying vulnerabilities will remain until the software is patched or upgraded to a newer, more secure version of code.”

Tecala advises organisations to focus their efforts on vulnerabilities that represent the largest threats. “The closer a device is situated to the Internet, the higher the risk. Therefore, organisations must be vigilant and should implement a constant regime to evaluate, prioritise and patch network vulnerabilities.

“While IT networks currently seem to have fewer vulnerabilities – and many of these are difficult to eliminate completely – new vulnerabilities are identified each year, so it’s unwise to be complacent.” concludes Tecala.

Click here to read the 2013 Network Barometer Report Executive Summary.