A recent study from Kaspersky Lab found that it costs significantly more to protect a virtual infrastructure. The survey determined that virtual servers are more likely to run mission-critical applications or contain sensitive data–making a successful attack against the virtual infrastructure more costly in terms of the overall impact on the company.
I wrote this blog post about the study and why it costs more to protect your virtual infrastructure:
Security incidents are expensive, but not all security incidents are created equally. A recent study found that businesses pay a significant premium for incident response and recovery affecting a virtual infrastructure.
Respondents representing more than 5,500 different companies across 25 different countries participated in the survey. The purpose of the survey was to learn more about the cost of security incidents and incident recovery and what impact virtual servers or a virtual infrastructure have on those costs.
The study found that 62 percent of businesses use virtualization in some form or another. VMware is the most widely used virtualization platform, followed closely by Microsoft with Citrix coming in a distant third. However, only 52 percent of respondents feel they fully understand the risks specific to virtual environments, and nearly half of the companies represented in the study report that they are not fully prepared to deal with security risks in a virtual environment.
What makes the inherent security risks of virtualization more concerning is that according to the report businesses pay on average about twice as much to recover from a security breach when a virtual infrastructure is involved. The report seeks to explain why security incidents on virtual servers are apparently so much more expensive. The primary difference according to analysis of the survey data seems to be that virtual environments are more likely to be used for mission-critical operations, meaning that a successful attack against a virtual environment has a greater impact on the organization.
Visit the RSA Conference blog to read the full post: Why It Costs More to Protect Your Virtual Infrastructure.