VMWorld, Barcelona - 15th October, 2013 – New research released today by Trend Micro, the global leader in cloud security, shows that almost two thirds (63 per cent) of European organisations believe that virtualised environments introduce new risks and require stronger security measures. Yet despite these findings, we are witnessing a European skills gap with over a fifth (22 per cent) of security professionals lacking the knowledge or confidence to manage security in virtual environments.
European businesses struggle to keep virtualised environments secure
The study conducted by Trend Micro in collaboration with Vanson Bourne, found that 97 per cent of organisations from the UK, France, Germany and Benelux think virtualisation has contributed to the complexity of their IT infrastructure, with 87 per cent struggling to keep their systems secure.
94 per cent of respondents in the UK are struggling compared to 88 per cent in France, 85 per cent in Germany and 83 per cent in Benelux. A lack of resources is seen as the main reason behind this challenge in the UK, Germany and Benelux, while French organisations feel the lack of awareness around security threats is the biggest driver.
A clear demand for virtual security skills
The majority of respondents in all regions want to up-skill in securing virtual environments, with Germany seeing greatest demand with 94 per cent. The UK lags behind the other regions, however a significant 64 per cent are still looking to increase their skills. Almost two thirds (64 per cent) of security professionals want to see businesses investing in virtual security training, with France leading the way at 76 per cent and Benelux lagging at 51 per cent.
At an industry level, there’s demand from the UK, France and Germany for industry-wide virtual security guidelines to be put in place to help organisations understand best practice. However, Benelux still sees availability of training and industry roadshows as the most important factor.
“The research reveals an alarming number of European businesses are struggling to keep their virtual systems secure and a lack of training and education is the main contributor to this issue,” said Michael Darlington, Technical Director at Trend Micro. “However, it’s promising that security professionals recognise the problem and are demanding investment in up-skilling to better equip them to manage new, complex IT infrastructures. Ultimately the responsibility lies with organisations to provide their staff with the training and support necessary to ensure business data is safe. Without this investment, we will see businesses continue to struggle to secure their virtual networks, leaving themselves open to the risk of cyber attacks.”
Security teams need more involvement in the virtualisation roadmap
European businesses recognise the importance of factoring security into their virtualisation roadmap with 96 per cent stating that security is an integral part of moving to a virtualised environment. However, the majority of organisations are not acting on this belief; 59 per cent admit to not consulting security teams throughout virtualisation deployments. Just over a third (36 per cent) of organisations in Germany and Benelux consulted the security team throughout the transition to the virtualised environment.
Also worrying is the fact that over half (54 per cent) of organisations in France, Germany and the UK are still deploying the same security tools in a virtualised environment as they did in a physical environment. “Virtualisation security is still being viewed as an afterthought as businesses ‘make do’ with the same security policies, process and tools they would use in a physical environment,” said Darlington. “This approach is leaving organisations open to the risk of cyber-attack as they fail to realise that a new security mind-set is required. Benelux is the only region that has changed its mindset to some degree, with only 39 per cent using the same tools.”
Lack of consistency over virtual machine responsibility
The research shows a lack of understanding across all regions over where the responsibility of the security of their virtual machines actually lies. Almost one in four (23 per cent) organisations have their virtual infrastructure hosted in a third party data centre, while 31 per cent have it hosted both on premises and in a data centre, which is leading to confusion over who is responsible for the management. Promisingly, the majority (46 per cent) understand that responsibility for securing these virtual machines lies with both the organisation and the data centre provider. However, this varies from region to region, with just 15 per cent of French businesses thinking that the responsibility over virtual security lies with the organisation itself.
About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.
All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.
For more information, visit www.trendmicro.com/en_gb/. Or follow our news on Twitter at @TrendMicroUK.