UK organisations have improved their IT security and reduced critical vulnerabilities in the last year, according to research published today.

NTA Monitor’s 2007 Annual Security Report finds 32 per cent of UK organisations had widely known critical vulnerabilities actively exploited by hackers compared with 61 per cent in 2006.

While improvements in overall security have been achieved in most industry sectors, publishing and finance have seen an increase in the average number of vulnerabilities located by the research.

The average risk for financial services increased by 16 per cent year-on-year, while publishing saw an increase of 28 per cent.

NTA Monitor technical director Roy Hills says there are a variety of ways of causing damage including denial of services attacks.

‘When server is bombarded with more information than it can handle legitimate users are unable to access or use the network,’ said Hills.

‘Other security flaws that our testing discovered could permit hackers to gain entry to corporate networks and change users’ passwords or delete files, which could wreak corporate havoc,’ he said.

Of the 10 most commonly occurring critical vulnerabilities, seven were also in the previous year’s report.