Calling the costs of patching "astronomical," a new Yankee Group survey has found the price of patching soared...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
to as much as $40 million for many enterprises last year.
"The cost to patch 5,000 desktops is more than $1 million, an average of $254 per desktop," said Yankee Group analyst Phebe Waterfield. "Between Jan. 2003 and Jan. 2004 Microsoft released 40 desktop-related security patches, driving the cost to maintain completely up-to-date patch levels to an astronomical $40 million per year."
Waterfield says enterprises are responding to the increasing costs by delaying applying them until multiple patches or service packs are available.
"Organizations patch monthly or quarterly -- vulnerabilities are 'acceptable risks' in light of the cost and risks associated with patching," said Waterfield. "Patches must be tested and rolled out across an enterprise -- this is a very time consuming and expensive process."
"Resources are also needed to deal with any incompatibilities," added Waterfield. "There will always be cases where the patch 'fails' or causes a problem with existing software."
The survey of more than 400 decision makers at medium to large companies found that 54% expect their budgets to increase over the next three years. Where they plan to spend it isn't a surprise. More than half (56%) of respondents said spending would be primarily focused on antivirus, IDS/IPS and firewalls.
Among its predictions for this year: network integrity systems revenue will exceed $250 million in 2004, up from $175 million last year; firewalls will become content-aware; and network and security vendors will acquire or partner with gateway players. Yankee Group also anticipates ISPs, MSSPs, and e-mail and software vendors will acquire the makers of antispam products.