A quarter of UK organisations do not have the knowledge to manage virtual security deployments, a study has revealed.
More than half say this is due to a lack of training or funds available to train, according to the study by security firm Trend Micro in collaboration with Vanson Bourne.
But almost two-thirds of the 100 IT decision-makers polled across UK public and private organisations want to see their employers boost investment in training to secure virtual environments.
At an industry level, 57% of UK businesses want to see virtual security guidelines put in place to help organisations understand best practice.
Additionally, over half of UK businesses are seeking more guidance from security suppliers when it comes to securing virtual environments.
When searching for a security solution for their virtual environments, 70% of UK businesses are prioritising cost over effectiveness at detecting and stopping threats
Staff need new skills to secure virtual environments
“Trend research from earlier this year revealed an alarming number of UK businesses are struggling to keep their virtual systems secure, and our latest report finds that a lack of training and education is the main contributor to this issue,” said Michael Darlington, technical director at Trend Micro.
“However, it is promising that security professionals recognise the problem and are demanding investment in up-skilling to better equip them to manage new, complex IT infrastructures,” he said.
Darlington added that ultimately the responsibility lies with organisations to provide their staff with the training and support necessary to ensure business data is safe.
“Without this investment, we will see businesses continue to struggle to secure their virtual networks, leaving themselves open to the risk of cyber attacks,” he said.
The research also revealed that when searching for a security solution for their virtual environments, 70% of UK businesses are prioritising cost over effectiveness at detecting and stopping threats.
Ease of deployment and management is the next priority, with effectiveness at keeping the infrastructure secure coming in at third in the list of priorities.
Lack of clarity over VM security responsibility
UK businesses also show a lack of understanding over where the responsibility of the security of their virtual machines (VMs) actually lies.
One in four organisations have their virtual infrastructure hosted in a third-party datacentre, while one in three have it hosted both on-premises and in a datacentre, resulting in a lack of clarity over who is responsible for information security.
While 41% understand that responsibility for securing these virtual machines lies with both the organisation and the datacentre provider, almost a third of respondents believe the responsibility lies solely with the datacentre provider.
“Given that third-party hosting of virtual machines is not a new concept, it is surprising that UK organisations are still unsure over where responsibility lies for managing the security of these devices,” said Darlington.
“We need to look at introducing industry-wide guidelines to provide businesses with clarity here, ensuring that they are working with datacentre managers to protect their virtual assets in the best possible way,” he said.
Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners.
If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Related content from ComputerWeekly.com