Just one false move

“It’s not public facing, and it takes a specialized skillset to compromise a mainframe” - CISO and VP at fintech company, Forrester report commissioned by BMC, July 2020

That statement is not true. And it neatly illustrates the levels of complacency that exist in many organizations. Even the smallest gap in your defences can be exploited by a determined cybercriminal with limited skills. I’ve demonstrated many times how it can be done. The bad actors see the mainframe as just another server to be hacked. One false move and you’re in trouble.

Incidentally, ‘One False Move’ is an excellent low budget crime thriller from the 1990s starring the late great Bill Paxton as small town police chief Dale “Hurricane” Dixon. When the (very) bad guys ride into town, a series of miscalculations lead to a violent and tragic conclusion. In fact, the movie shows how even the smallest errors or omissions can make an already risky situation worse, leading to serious far-reaching consequences. Just one false move and … okay, you get the picture.

So what about the consequences of errors and omissions in the mainframe world? Just how vulnerable are companies to attack due to overconfidence and complacency? The answer is “very” according to a July 2020 report by Forrester titled ‘A False Sense of Mainframe Security’.

I’ve written about the dangers of this complacency before. As my BMC colleague John McKenny summed it up, “the mainframe security overconfidence referenced in the report is essentially due to the fact organizations are often mistaken to believe that ‘secure’ is inherent for mainframes. In reality, secure means ‘securable’.” 

I couldn’t agree more. It’s the most securable platform on the planet but it doesn’t come that way out of the box. Forrester’s evaluation, commissioned by BMC, was designed to evaluate the tools, actions, approaches and maturity of mainframe security in today’s enterprises. Forrester surveyed 264 security decision makers in North America and EMEA.

The results are a mix of some good news and some jaw-droppingly “less good” news. They certainly give mainframe user organizations – and the mainframe services sector – food for thought. For instance, while 82% of respondents said the mainframe is very or extremely secure, more than 80% said that even though they have the right tools they still experience major security events. The thing is, you can never let your guard down. The landscape keeps shifting, new risks emerge, and the bad actors find new ways in.

Of even greater concern was that while data protection and risk reduction are considered to be top IT priorities, only 41% of organizations are actually taking the steps needed to actively secure their mainframe. Or to put it another way, three-fifths of organizations are not taking the steps required to secure their mainframe. 42% of respondents reported that someone had gained unauthenticated access to their mainframe. And, back to another of my regular themes, 39% of the leaders surveyed said user privileges had been elevated without their knowledge.

Worrying stuff. And we’re not talking about “one false move” here that might lead to catastrophe. Multiple, often overlapping enterprise issues need to be resolved, and in a great many organizations.

Of course, 2020 has also been a year like no other in recent memory. As part of the pandemic’s massive business and social impacts, COVID-19 and the new “work from home” normal are continuing to reshape the security environment. As a CISO noted in the Forrester report, “Because of COVID-19, our primary priority, at least for the next six months or so, is improving work-from-home security. Our workforce has moved from 3% work from home to 97% work from home.” And that’s just the tip of the iceberg.

So what are the internal and external barriers that are slowing change in this critical area? What about internal threats? What benefits will you gain by embedding a more mature mainframe security stance? You can learn more, including the key recommendations from the Forrester report, at a special security webinar on Tuesday, 25th August. It’s free to join, and you can register here - https://bit.ly/314eNR3

In terms of what happens next, it’s your move.

A global thought leader in mainframe technology and security, Mark Wilson heads the BMC Mainframe Services by RSM Partners Technical and Security teams. With four decades’ experience in IBM Z across diverse sectors and environments, in both hands-on technical and strategic roles, his deep insight and solutions-driven approach mean he is highly valued by clients across the world, IBM and third-party technology partners. Mark is also Interim Region Manager for Guide Share Europe UK and GSE UK Conference Manager.