Why it’s Twice the Price: Virtual Security Incidents

August 25, 2015//Ellen Neveux

Last Updated: October 12, 2020

Virtual environment breaches cost double that of their traditional counterpart.
The steady march toward virtualization has kept pace amid a variety of security concerns. The convenience and cost saving benefits of virtual environments have thus far swayed infrastructure and budget decision makers. However, a new report from Kaspersky Lab may demand additional consideration.

The report states, “Enterprises pay more than $800,000 on average to recover from a cyberattack on virtual infrastructure while small businesses pay nearly $60,000.” These figures are double the amount paid in traditional environments, with enterprises paying $400,000 and small businesses paying $26,000 on average.

The Kaspersky report surveyed 5,500 companies and came away with three key insights that shed light on why costs vary so significantly following virtual breaches as compared to physical machine incidents. Andrey Pozhogin, senior product marketing manager at Kaspersky Lab, concludes that the way IT professionals think about virtual environments has a bigger impact on overall security than the traits of virtualization itself. The reasons appear to focus on people and process.

1. IT professionals assume that virtual environments are innately more secure than physical servers. “They believe that if a virtual machine catches a virus, they can just delete the virtual machine and create a new one from a template,” says Pozhogin.

In fact, 42 percent of survey respondents believed there are “significantly lower” risks in virtual environments. Pozhogin points out that this belief is flawed and can lead to high-risk vulnerabilities. Virtualized environments need dedicated solutions built to specifically address virtualization.

2. There are long established disaster-recovery plans for physical environments. The report exposes that this is not the case for virtualization. “What we see is that companies that virtualize tend to limit the virtualization project to the virtualization itself,” Pozhogin said. “They tend to postpone disaster recovery, fault tolerance, and security until later.”

3. Businesses often use virtualization for their most “mission-critical, high-value processes,” said Pozhogin. This heightens exposure during attack and limits resources to internal personnel.

“There are quite a big number of respondents who said that during the cyber incident, they lost access to business-critical data.” The report cites 66 percent of survey respondents lost access to business critical information during a virtualized environment incident, while only 36 percent lost important resources during a traditional environment incident.

In order to securely utilize virtualized environments, a paradigm shift is needed. Security solutions for virtual machines should be designed to address the specific vulnerabilities of that infrastructure.

As the debate continues, it’s important to remember that an essential overlap of virtual and physical environments is access management. As more sensitive data is sent to the cloud, enterprises should enforce policies that demand full transparency and access control over third parties entering their systems. With data breaches costing double and 63 percent of breaches due to a third-party IT component, it’s critical to avoid this perfect storm.


Browse these customer stories to learn how other companies have secured their IT environments. 

close close