Skip to main content

As Hacks and Data Breaches Soar, IBM, Lenovo, Cisco Top 2025 ITIC Security Survey

Eighty-six percent of organizations cited security issues as the top cause of unplanned server downtime; 75% cited human error

Laura DiDio February 19, 2025

Corporate enterprises rate mission-critical servers from IBM, Lenovo, Hewlett-Packard Enterprise (HPE) and Huawei (in that order) as the most secure platforms, experiencing the fewest successful data breaches and proving the toughest for hackers to penetrate.

Only a miniscule 0.1% of IBM Z mainframes and 0.2% of the IBM LinuxONE III and LinuxONE 4 open-source platforms suffered unplanned downtime due to a successful data breach. And just 2% of IBM Power Systems, 2% of Lenovo Think Systems, 4% of Cisco UCS servers and 5% of HPE Superdome servers experienced server outages, application inaccessibility and productivity disruptions due to security attacks over the past 12 months (see Figure 1).

Those are the results of ITIC’s 2025 Global Server Hardware Security Survey, which compared the security capabilities of 18 different server platforms. ITIC’s independent web-based survey polled 1,950 businesses worldwide across 36 vertical markets from July 2024 through mid-February 2025. To maintain objectivity, ITIC accepted no vendor sponsorship money. None of the survey participants received remuneration.

ITIC’s latest study found that server market leaders IBM, Lenovo, Cisco, HPE and Huawei maintained strong infrastructure reliability and security owing to strong investments in the latest security technology, e.g., IBM’s Quantum-safe cryptography, AI and generative AI. These ongoing research and development investments enabled corporate enterprises to reduce their annual IT operational costs (OpEx) related to cyberattacks by 25% to 55%, compared to the least secure server hardware distributions.

Figure 1. IBM and Lenovo servers have the lowest percentage of downtime due to security hacks. Source: ITIC 2025 Global Server Hardware Security Survey

Survey Highlights

Unsurprisingly, the ITIC 2025 Global Server Hardware Security Survey found that high-end mission critical servers installed in critical verticals like banking/finance, government, health care and utilities recorded the highest security.

Some 86% of ITIC survey participants said security is the number one threat to their organizations, followed by 75% citing human error and 65% saying remote employees constitute the biggest challenge.

Mission-critical servers tend to have the most robust server configurations, and the enterprises that install them typically go to great lengths to fortify their network infrastructures and overall ecosystems. Unlike general purpose workhorse server environments, high-end enterprise ITIC survey respondents say they regularly upgrade or retrofit their servers every two to three years, or as needed. Some 84% of the enterprises who participated in the ITIC survey said their organizations conduct vulnerability testing “at least once a year” and subscribe to their server vendors’ security services. 

Security Factors

Collectively, IBM, Lenovo, Cisco and HPE server distributions reported:

  • The fewest number of successful security hacks/data breaches
  • The least unplanned server downtime due to security incidents
  • The fastest mean time to detection (MTTD) from the onset of the attempted attack until the business identified, isolated and shut it down
  • The fastest overall mean time to remediation (MTTR) to restore servers, applications and networks to full operation
  • The least amount of lost, stolen, destroyed, damaged or changed data as a direct consequence of a data breach
  • The least monetary losses due to a successful security hack

Security Features for Near-Flawless Uptime

The IBM Z mainframes are in a class of their own, with the IBM z16 (introduced in May 2022) leading in security among mission-critical servers. Contributing to this standing, it is equipped with quantum-safe cryptographic algorithms CRYSTALS-Kyber and CRYSTALS-Dilithium, which are nearly impossible for hackers to penetrate. The IBM Z and IBM Power Systems have security embedded into all layers of the stack.

The Lenovo ThinkSystem servers similarly feature the latest AES security capabilities across the entire line. Lenovo ThinkSystem hardware also benefits from the fact that Lenovo’s desktop, laptop and tablets are equipped with ThinkShield security. This provides remote management capabilities, VPN solutions, GEO-fencing and multi-factor authentication to secure devices and data for remote employees and contract workers.

The IBM z13, z14 and z15 mainframes outperformed all other server distributions, delivering near-foolproof security and true fault-tolerant “eight nines” or better (99.999999%) uptime and reliability. The z16 recorded a near-flawless “nine nines” (99.9999999%) uptime. Only a minuscule 0.1% of IBM Z mainframes and 0.2% of IBM LinuxONE Emperor 4 systems experienced successful security breaches in the  past year.

The IBM Power9 and Power10 servers likewise incorporate security at every level of the stack. The hardware level, for example, has advanced tamper-resistant features built into the processor to prevent unauthorized access and modifications, secure cryptographic engines to provide strong encryption of data and Trusted Boot to ensure that only authorized software components are loaded during system startup. At the virtualization level, the IBM Power systems hypervisor isolates workloads within a single physical server, allowing for secure resource sharing within your infrastructure.

Successful-Attack Rates

In defending against attacks, only 0.1% of IBM Z mainframe survey respondents say their businesses were successfully hacked. IBM standalone Power systems and the Lenovo ThinkSystem servers are statistically tied: only 2% of IBM Power and Lenovo ThinkSystem respondents reported a successful hack over the past 12 months. Additionally, 96% of IBM Power users, 95% of Lenovo ThinkSystem customers, 90% of HPE Superdome and 88% of Cisco UCS firms say they identified and thwarted all attempted security penetrations immediately or within the first 10 minutes of detection during the last year.

The Lenovo ThinkSystem servers achieved the best security scores among all x86 server distributions for the sixth year in a row. Lenovo ThinkSystemservers similarly delivered the best MTTD rates among all servers based on Intel x86 technology.

Cisco UCS and HPE Integrity Superdome corporate enterprises likewise maintain robust security, with just under 10% of Cisco and HPE customers confirming their firms had a successful security breach within the past 12 months. That was followed by 17% of Fujitsu Primergy, 19% of Dell PowerEdge, 27% of HPE ProLiant and 31% of Oracle x86 organizations confirming they experienced a successful hack within the past year.

Cisco’s statistics are notable because a substantial portion of UCS servers are deployed in remote locations and at the network edge. Inexpensive, unbranded white box servers again proved the most porous—56% of survey respondents said their businesses were hacked. This is an 8% increase compared to ITIC’s earlier 2023 survey.

Conclusions

Overall, ITIC’s latest survey findings indicate that the security and reliability chasm among the most secure and the most insecure servers continues to widen.

Targeted security breaches and hacks like phishing scams and ransomware are big business. The fraudsters are organized and extremely sophisticated. The Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) 2023 Annual Internet Crime Report recorded sharp increases in the frequency and financial impact of fraud perpetrated by cybercriminals. In 2023, the FBI IC3 received a record 880,418 complaints, with potential losses exceeding $12.5 billion, nearly a 10% increase in complaints and a 22% increase in losses over 2022.

No hardware, software or application delivers 100% foolproof security. No organization is immune from a data breach or targeted security hack. However, businesses can ensure the reliability of their server and infrastructure ecosystems and protect their data assets by deploying the most secure servers. IBM, Lenovo, Cisco and HPE and Cisco, which are among the most reliable server platforms, also provide the greatest levels of inherent security, according to ITIC’s 2025 Global Server hardware Security Survey. This enables customers to achieve the greatest economies of scale and safeguard their sensitive IP and data assets.Security is a 50/50 proposition. While vendors must deliver robust security, corporations are ultimately responsible for maintaining and hardening the security and reliability of their servers and infrastructure. Ask yourself: How much can your business afford to lose?

Related Articles See more

Articles

New Mainframe Data Exfiltration Vulnerabilities Emerge

Al Saurette

February 21, 2025

Articles

Cybersecurity Reigns as the IBM i Community’s Top Concern: Fortra Marketplace Survey

Andrew Wig

February 14, 2025

Podcasts

Carol Woodbury’s Top IBM i Security Projects for 2025

Charlie Guarino

February 3, 2025

© 2025 TechChannel. All rights reserved

Key Enterprises LLC is committed to ensuring digital accessibility for techchannel.com for people with disabilities. We are continually improving the user experience for everyone, and applying the relevant accessibility standards.