New research released by Trend Micro, cloud security provider, has shown that 25% of British organisations do not have the knowledge to manage virtual security deployments, with 52% stating this is down to a lack of training or funds available to train.
Promisingly, almost two thirds (64%) of security professionals want to up-skill in securing virtual environments to address this knowledge gap.
The study found that almost two thirds (65%) of IT decision makers want to see their organisations boost investment in training to help them develop to skills required to better secure virtual environments. At an industry level, 57% of British businesses want to see virtual security guidelines put in to help organisations understand best practice. Additionally, over half of UK businesses are seeking more guidance from vendors when it comes to securing virtual environments.
Michael Darlington, technical director at Trend Micro, said: "Trend research from earlier this year revealed an alarming number of British businesses are struggling to keep their virtual systems secure and our latest report finds that a lack of training and education is the main contributor to this issue.
"However, it is promising that security professionals recognise the problem and are demanding investment in up-skilling to better equip them to manage new, complex IT infrastructures. Ultimately the responsibility lies with organisations to provide their staff with the training and support necessary to ensure business data is safe. Without this investment, we will see businesses continue to struggle to secure their virtual networks, leaving themselves open to the risk of cyber attacks."
When searching for a security solution for their virtual environments, worryingly the majority of UK businesses (70%) are prioritising cost over the solution's effectiveness at detecting and stopping threats. The ease of deployment and management of the solutions is the next priority (62%), with effectiveness at keeping the infrastructure secure coming in at third in the list of priorities.
British businesses are demonstrating a lack of understanding over where the responsibility of the security of their virtual machines actually lies. One in four (25%) organisations have their virtual infrastructure hosted in a third party data centre, while 33% have it hosted both on premises and in a data centre, which is leading to a lack of clarity over who is responsible for information security. Encouragingly, the majority (41%) understand that responsibility for securing these virtual machines lies with both the organisation and the data centre provider. However, almost a third of respondents think that the responsibility lies solely with the data centre provider, meaning they're trying to wash their hands of the problem.
Darlington said: "Given that third party hosting of virtual machines isn't exactly a new concept, it's surprising that UK organisations are still unsure over where responsibility lies with managing the security of these devices.
"We need to look at introducing industry-wide guidelines to provide businesses with clarity here, ensuring that they are working with data centre managers to protect their virtual assets in the best possible way."
M86 Security is a global provider of web and e-mail security products. We are the only security company able to provide integrated, reliable and...
Absolute® Software specialises in technology and services for the management and security of mobile computers and smartphones.
Established in 1957, BCS, The Chartered Institute for IT, promotes wider social and economic progress through the advancement of information...
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...