Story image

Virtual infrastructure recovery costing businesses

25 Aug 15

When virtual infrastructure is affected during a cyber attack, businesses are faced with mounting costs in order to recover, according to security experts Kaspersky Lab.

In a report, Security of Virtual Infrastructure, the company says enterprises pay more than US$800,000 on average to recover from a security breach, which is twice as much compared to incidents involving only physical infrastructure. 

The report is based on a worldwide survey of 5500 companies conducted in cooperation with B2B International in 2015.

According to the report, small to medium businesses experience the same pattern as enterprises. On average, SMBs reported damage of more than $26,000 for an attack on their physical infrastructure. The involvement of virtual infrastructure in a security breach however, drives the cost up closer to $60,000, Kaspersky Lab explains.

The company says the main reason behind the additional cost for  a security breach affecting virtual environments is that the majority of businesses use virtual infrastructure for their most important operations. 

While an attack on physical nodes leads to the temporary loss of access to business critical information in 36% of incidents reported, this rises to 66% when a breach affects virtual servers and desktops, the report shows. 

Attacks affecting virtual environments also more frequently require additional budget on third-party expertise. Businesses have to request help not only from IT consultants, but also lawyers, risk management experts and others.

The report reveals 62% of companies that have already embraced virtualisation platforms are likely to entrust them with their most critical business processes.

The complexity of security measures in a virtual environment, as well as an incorrect perception of the threat landscape are two additional elements that increase the cost of recovery in the virtual environment, Kaspersky Lab says. 

The report shows that 42% of businesses believe that security risks in virtual environments are significantly lower than in ‘physical’ environments. 

The study found 45% of companies report that security management in virtual environments is perceived as a problem. 

Furthermore, only 27% of businesses have deployed a security solution, specifically designed for the virtual environment.

“Businesses expect that going virtual will drive down their IT spend and streamline their infrastructure,” says Matvey Voytov, corporate products group manager at Kaspersky Lab.

“However, the survey results show us that if there is not enough attention paid to security matters in the virtual environment, expenses may exceed the benefit.”

Voytov says businesses should use customised, virtual-aware security solutions with centralised management and reporting.

“The solution should have a low impact on resources, a high detection rate and the ability to spot suspicious activity right away,” Voytov says.  

STT GDC to build hyperscale data centre in Singapore
ST Telemedia Global Data Centres (STT GDC) today unveiled ambitious plans for expansion with its largest data centre in Singapore to date.
Golden opportunities for enterprise e-waste reduction
E-waste is a hot topic in tech circles, and Park Place's EMEA MD believes there could be huge opportunities if data centres and enterprises improve their practices.
How Schneider Electric aims to simplify IT management
With IT Expert, Schneider Electric aims to ensure secure, vendor agnostic, wherever-you-go monitoring and visibility of all IoT-enabled physical infrastructure assets.
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Cisco dominates record-high Ethernet switch & router markets
While the market is flourishing, it’s tough-going as Cisco has increased its majority share of the pie.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
QNAP introduces new 10GbE and Thunderbolt 3 NAS series
The new series is supposedly an all-in-one NAS solution for file storage, backup, sharing, synchronisation and centralised management.