IBM, Lenovo and HPE Servers Deliver Strongest Security as Data Breaches Surge

A 52% majority of enterprises cannot determine the amount of time it took their businesses to identify, isolate and shut down a security attack

Corporate enterprises rate mission-critical servers from IBM, Lenovo, Hewlett-Packard Enterprise (HPE) and Huawei (in that order) as the most secure platforms which had the fewest successful data breaches and proved the toughest for hackers to penetrate.

Only a miniscule 0.1% of zSystems (IBM Z) mainframes and 0.2% of the IBM LinuxONE III open-source platform suffered unplanned downtime due to a successful data breach. And just 2% of IBM Power Systems; 2% of Lenovo Think Systems; 3% of HPE Superdome servers and 4% of Huawei KunLun servers had downtime, application inaccessibility and productivity disruptions due to security attacks (see Figure 1).

Those are the results of ITIC’s 2023 Global Server Hardware Security survey, which compared the security features and functions of 18 different server platforms. ITIC’s independent web-based survey polled more than 1,700 businesses worldwide across 30 different vertical market sectors from June through mid-December 2022. As always, to maintain objectivity, ITIC accepted no vendor sponsorship money.

ITIC’s latest study found that strong security enabled IBM, Lenovo, Huawei and HPE corporate enterprises to lower annual IT operational costs related to cyberattacks by 27% to over 60%, compared to the least secure server hardware distributions.

IBM, Lenovo, Huawei, HPE and Cisco hardware (in that order) recorded the top overall scores in every security category, successfully solidifying and improving their top positions as the most secure and reliable server platforms, despite a significant 86% spike in security hacks and data breaches over the past two and a half years.

The survey found that usage trends such as remote and hybrid workforces; a rise in IoT usage, which creates more vulnerability points across the network ecosystem; and an increase in mobile device usage all contributed to the continuing spike in successful data breaches. At the same time, security incidents like ransomware, email phishing scams and targeted data breaches are more prevalent and commonplace. A 78% majority of ITIC respondent firms cite security as the number one issue and biggest threat to server hardware and server operating system reliability. This is a 2% increase from ITIC’s survey a year ago.

Mission-critical systems led by the zSystems and IBM LinuxONE III; the IBM POWER9 and Power10; the Lenovo ThinkSystem, Huawei KunLun, HPE Superdome Flex and Cisco UCS servers (in that order) delivered the most solid, across-the-board security capabilities.

The most secure server hardware platforms reported:

• The fewest number of successful security hacks/data breaches.
• The least amount of unplanned server downtime related to security incidents.
• The fastest mean time to detection (MTTD) from the onset of the attempted attack until the business identified, isolated and shut it down.
• The fastest overall mean time to remediation (MTTR) to restore servers, applications and networks to full operation.
• The least amount of lost, stolen, destroyed, damaged or changed data as a direct consequence of a data breach.
• The least monetary losses due to a successful security hack.

Technology Advances Fortify Systems Against Targeted Hacks

The most secure servers—notably the IBM z16 introduced in May 2022—are equipped with the best security. The IBM z16 is equipped with quantum-safe cryptographic algorithms CRYSTALS-Kyber and CRYSTALS-Dilithium that are nearly impossible for hackers to crack. IBM has securable platforms with security architected into all layers of the stack. IBM, Lenovo and HPE servers have all done an outstanding job of incorporating security into all layers of their respective server stacks.

The IBM z14, z15 and z16 mainframe outperformed all other server distributions, delivering near foolproof security and true fault tolerant seven nines or better (99.9999999%) uptime and reliability. Only a minuscule 0.1% of zSystems mainframes and 0.2% of IBM LinuxONE III systems experienced a successful security breach.

IBM standalone Power Systems and the Lenovo ThinkSystem servers were in a statistical tie; with only 2% of respondents reporting a successful hack over the past 12 months. Only 0.1% of zSystems mainframes and IBM LinuxONE III systems experienced a successful security breach. The IBM Power8, Power9 and Power10 servers again delivered top-notch security among all mainstream hardware distributions, with 95% of survey respondents reporting their firms were able to identify and thwart attempted security penetrations immediately or within the first 10 minutes of detection.

The Lenovo ThinkSystem servers achieved the best security scores among all x86 server distributions for the fourth year in a row. Lenovo ThinkSystem servers similarly delivered the best MTTD rates among all Intel x86 technology-based servers. A 95% of majority of Lenovo ThinkSystem survey respondents said their IT and security administrators detected and repelled attempted hacks and data breaches immediately or within the first 10 minutes of the penetration.

HPE Integrity Superdome continues to improve its security ratings, surpassing Huawei’s KunLun mission critical servers to take the number three spot. Just 3% of HPE customers say their firms had a successful security breach within the past 12 months while 4% of Huawei KunLun businesses acknowledge having a successful breach.
Just over 1 in 10 (11%) of Cisco UCS servers were successfully hacked. Cisco’s hardware performed extremely well. This is noteworthy since a significant portion of UCS servers are deployed in remote locations and at the network edge. Inexpensive, unbranded white box servers again proved the most porous—48% of survey respondents said their businesses were hacked. This is a 4% increase compared to ITIC’s earlier 2022 survey.

Security is—and will remain—the number one issue that either fortifies or undermines the reliability of mission-critical server hardware, server operating systems and applications. Businesses that hope to keep their data assets secure and ensure continuous, uninterrupted operations are well advised to deploy the most secure server hardware, server OS and application infrastructure. Any organization that ignores security does so at its own risk.
Overall, ITIC’s latest survey findings indicate that the security and reliability chasm among the most secure and the most insecure servers continues to widen.

As Figure 2 illustrates, the inherent security and reliability of the core infrastructure server hardware are inextricably intertwined. Data losses and productivity losses associated with successful security penetrations are expensive and disruptive. They compromise businesses’ intellectual property (IP) and heighten the risk of exposure for organizations’ business partners, customers and suppliers. Data breaches also expose employees’ personal data and commensurately raise corporations’ risk of litigation and regulatory noncompliance.
No one and nothing is immune to data breaches.

ITIC’s latest poll revealed that 80% of survey respondents fear their organizations will fall victim to a targeted attack over the next 12 to 18 months. This is up from 73% of businesses concerned about a successful breach over the past 18 months.

The survey findings are bolstered by various U.S. government agencies which ramped up their security initiatives and alerts. Over the past several years, government agencies have issued an increasing number of cybersecurity risk alerts and recommendations. The Federal Bureau of Investigation (FBI); the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) that issued dozens of alerts during the first seven months of 2022. CISA alone has issued nearly three dozen security alerts from January through mid-December 2022.

In March 2022, the release of the annual FBI Internet Crime Report 2021 revealed the total money lost to cybercrime increased 64% to $6.9 billion last year and that the number of cybercrime complaints to FBI rose 7% to 847,376. In 2021, the FBI’s IC3 received 19,954 business email compromise (BEC)/email account compromise (EAC) complaints, resulting in adjusted losses of nearly $2.4 billion.

The FBI 2021 Internet Crime Report says cyber crooks exploit organizations’ use of remote work and virtual meetings caused a rise in online scams, noting, “…one new technique involved scammers inviting company employees to virtual meetings and using deepfake simulated audio of an executive’s voice instructing workers to transfer money to a fraudulent account.”

According to the FBI, “almost all cybercrime metrics have increased dramatically since 2017—money lost increased by 393% and the overall number of complaints increased by 191% while reports of phishing scams, in which a scammer sends an email pretending to represent a reputable company to trick victims into revealing passwords, increased 1,178%.”

Among the most high-profile and well documented security breaches this year are:

• The Russia/Ukraine hacking war began even before Russia invaded the Ukraine. Both countries are engaged in an ongoing series of attacks and counterattacks aimed at destroying each other’s computer systems, various institutions and IT infrastructure.
• In early 2022, the international digital extortion gang Lapsus$, based in the United Kingdom, launched a series of successful phishing attacks against a wide array of high technology firms. The Lapsus$ hacking group stole and leaked proprietary source code from Microsoft, Nvidia and Samsung in an apparent extortion attempts.
• In April, the Conti cybercrime hackers, who have been linked to Russia, attacked Costa Rica’s Ministry of Finance, crippling that country’s import/export business for months.
• In June, Massachusetts-based Shields Health Care Group reported it got hit by a near month-long hack that impacted nearly 2 million subscribers.
• BlackFog—a global cybersecurity company headquartered in Cheyenne, Wyoming—said it recorded 39 ransomware attacks in August, the second-highest month since it began tracking data breaches in 2015. According to BlackFog, healthcare organizations were particularly hit hard with 10 different incidents recorded, including an attack on the U.K.’s National Health System (NHS), as well as an attack on a French hospital which resulted in a $10 million ransom demand. Education, government and utilities were also high on cybercriminals’ hit lists.
• In September, Australian telecommunications giant Optus, which has nearly 10 million subscribers, was hit with a huge data breach when hackers penetrated its firewall and exposed names, birthdates, phone numbers, email addresses, drivers licenses and even passport numbers.
• In October, Russian-speaking hacking group Vice Society leaked 500GB of information from The Los Angeles Unified School District (LAUSD) when the nation’s second-largest school district refused hackers’ demands to pay an unspecified ransom by October 4th. Once again, the cyber crooks divulged sensitive personal data, including employees’ Social Security numbers, tax data, legal documents, detailed bank account numbers and financial data, as well students’ psychological assessments.

The aforementioned security attacks are the ones that make the news. For every one of them there are scores more that disrupt daily operations at small, midsize and large enterprises and they are just as deadly and expensive.

Strong Infrastructure and Network Security Are Imperative

The ongoing solid security results posted by IBM, Lenovo and HPE are encouraging. Each of these top-performing vendors has a long history of prioritizing security and being at the forefront of delivering advanced security technologies. The top server distributions have maintained—and improved—those high levels of security despite the growing frequency and ferocity and increasingly targeted nature of the security attacks. 46% of all ITIC survey respondents reported their servers, operating systems and critical business applications suffered successful security hacks over the past three years. This is an increase of 11 percentage points from 41% in just the last year and a hike of 32 percentage points based on the 19% of organizations that said their servers were successfully penetrated in ITIC’s 2020 Global Server Hardware, Server OS Security poll, two years ago.

No server platform, server OS or business application will provide 100% foolproof security. However, IBM, Lenovo, HPE and Cisco, which are among the most reliable server platforms, also provide the greatest levels of inherent security. This enables customers to achieve the greatest economies of scale and safeguard their sensitive IP and data assets. Security is a 50/50 proposition. While vendors must deliver robust security, corporations are ultimately responsible for maintaining and hardening the security and reliability of their servers and infrastructure.

---