Are Mainframes Your Weakest Link?
The information security market has grown tremendously over the past two decades as major cyberattacks have resulted in more than $10 billion in damages.
By Christopher Perry
The mainframe has enjoyed years of security through obscurity because the original hacker culture simply lacked access to the prohibitively expensive system to break and pen test it. Today, the cost of access for nation-state-sponsored advanced persistent threats, the ubiquity of Linux on IBM Z and access to a virtualized z/OS platform have lowered the barrier to entry for malicious actors. This means companies must begin protecting the backbone of the IT infrastructure from more than the auditor.
Companies have learned this lesson the hard way. Stories of hackings have made headlines internationally [4]. Even the mainframe is not immune. Hackers have had the capacity to destroy a company’s most vital information. The only way to effectively detect and respond to attacks is to use tools that have real-time notification and monitoring of mainframe events aggregated into the enterprise SIEM where security analysts can immediately spot unauthorized users escalating privileges, access to the mainframe’s most sensitive files and modification of sensitive datasets.
Within a few hours, the hackers had full control of the victim’s mainframe. At this point, the hackers had the full capability to encrypt and destroy the company’s most vital information. The only way to effectively detect and respond to attacks like this is to use tools that have real-time notification and monitoring of mainframe events aggregated into the enterprise SIEM where security analysts can immediately spot unauthorized users escalating privileges, access to the mainframe’s most sensitive files, and modification of sensitive datasets.
The time to prevent stories like this from being about your organization is now. Include your mainframe in your security architecture and ensure you can perform endpoint detection and response to security incidents before you are in the headlines.
[3] https://blogs.dlapiper.com/privacymatters/germany-first-data-protection-authority-issues-gdpr-fine/
[4] https://www.pcworld.com/article/2034733/pirate-bay-cofounder-charged-with-hacking-ibm-mainframes-stealing-money.html
Christopher Perry is the lead product manager for BMC AMI for Security. Prior to BMC, he served in the U.S. Army in several cybersecurity roles.
About BMC Software
BMC helps customers run and reinvent their businesses with open, scalable and modular solutions to complex IT problems.