Virt + InfoSec + BC/DR

AT&T has an interesting study on 2008 Business Continuity practices - its of larger enterprises - revenues larger than $25 (and I agree - smaller companies have BC Practices to but it's their survey).

"Two-thirds of IT executives predict that hacking will be the biggest threat in the next five years. "

This is pretty consistent, with infosec spending being up

"INPUT’s “Federal Information Security Market Forecast, 2008-2013” predicts that government information security spending will rise from $6.6 billion in 2008 to $9.6
billion by 2013...contract spending on information security will grow at 7.9% compound annual growth rate (CAGR), rising $3.0 billion over the next five years."

Information Week's 2008 Stategic Security Study also backs this up

"95% will see their budgets either hold steady or increase this year."

The industy is blending business continuity and information security together - both solving a common problem - encounter a fault or an problem and keep the systems running.

If 66% of the faults or problems are caused by hackers then BC/DR becomes intertwined with Infosec.

I want to add a third layer to this puzzle - virtualization.

It's on the rise - three big companies making virtualization products, companies are virtualizing servers and desktops as fast as they can and one of the biggest features and benefits - encounter a fault and keep the VM running.

With Site Recovery Manager, Vmotion, and newly announced stuff like VMware FT and if we add VMsafe - we want these VMs highly available, highly secure, but flexible enough to move between datacenters (SRM) or hosts (VMotion) or SANs (Storage VMotion) and we want users access them from anywhere in the world (VDI).

My concern is performance and assuring that performance levels remains the same or if it operates a dinimished capacity in a BC/DR environment, that IT shops have a mechanism and tools to keep an automated eye on resource utilization and resource capacity.