A new Kaspersky Lab survey (PDF) uncovered a striking result: When virtual infrastructure is involved in a security breach, large and mid-size businesses pay twice as much to clean up the mess.
When a successful cyberattack occurs with a virtualized infrastructure, enterprises that have more than 1,500 employees pay over $800,000 in resulting costs. And, when you factor in additional, indirect costs for these breaches, such as staff training to prepare for future attacks, that average cost for enterprises rises above $1 million. By comparison, attacks on non-virtualized systems on average cost $400,000.
SMBs show the same pattern, albeit with less sticker shock. Mid-size firms pay an average of $60,000 for attacks on virtualized assets, compared to under $30,000 for physical asset security breach costs.
For the Security of Virtual Infrastructure report released in August 2015, Kaspersky surveyed over 5,500 companies in 35 countries.
Reasons for the increase in costs
Why do cyberattacks involving virtualized environments cost twice as much? Kaspersky explained that the main reason is virtualized infrastructure gets used more often for mission-critical operations and for storing sensitive data. An attack on virtualized infrastructure, according to the survey, more frequently results in the loss of important data and the ability to operate essential services, and also in damage to the company’s reputation.
Next come the complexities and risks of virtualized environments. 56% of respondents feel fully prepared to tackle the complicated risks; Kaspersky argued that figure is inflated, calling it a “misguided impression.” Just over half of firms surveyed (52%) believe that they understand those risks.
The Kaspersky survey also revealed that attacks on virtual infrastructure lead companies to rely more heavily on expert legal and IT security consulting advice. And when that happens, let’s just say it’s harder to keep the matter a secret.
Delving into the nuts and bolts of security solutions, Kaspersky reported that only 27% of companies are employing an application specific to virtualized environments. Of those using specialized solutions, close to half (48%) report using agent-based security programs for virtual endpoints.
Agent-based is one of the main approaches to security for virtual infrastructures. A security agent gets installed on each virtual machine. The drawback, explained Kaspersky, is this approach demands more security features and requires more resources.
According to Kaspersky, when you choose solutions not specific to virtualized environments, the wrong security approach can cost you.
…in most cases traditional security suites do work in virtual environments. However, what is regarded as a small performance penalty on a physical endpoint, may significantly reduce cost benefits when deployed on multiple virtual machines. This adds to the fact that an attack on virtual infrastructure costs twice as much as those involving only physical endpoints and servers. The conclusion is: IT threats are a significant factor that influences the total cost of ownership (TCO) of a virtual infrastructure. A security breach or even making the wrong choice in security approach may nullify the expected cost benefits of ‘going virtual’.
The three top virtualization platforms in the survey are: VMware (40%), Microsoft (36%), and Citrix (9%). Regarding open-source platforms, 6% of respondents use Xen, and 3% use KVM.
Note: TechRepublic and ZDNet are CBS Interactive properties.