According to the paper, “The CISO’s Guide To Virtualization Security,” information security professionals are often sidelined, either by IT infrastructure and operations professionals, or by their own choice.
Forrester reported that its interviews with IT professionals “revealed several troubling themes.” Those include:
- IT departments are relying on traditional security solutions designed for physical environments to secure virtual environments.
- Many information security professionals aren’t aware of security solutions for virtual environments.
- Many security professionals aren’t confident in their virtualization knowledge.
Forrester also points out several security risks with cloud solutions, including vulnerability to insider threats and network blind spots, such as traffic between two virtual machines on a virtual server.