Digital: Disrupted: Why Mainframe Security is More Critical Than Ever
November 3, 2023
In this week’s episode, Paul wraps up Cyber Security Awareness Month by sitting down with Cynthia Overby to discuss why it is more important than ever to prioritize mainframe security as the digital landscape changes. Cynthia also shares her advice to IT leaders who are not confident in their mainframe security compliance.
Digital: Disrupted is a weekly podcast sponsored by Rocket Software, in which Paul Muller dives into the unique angles of digital transformation — the human side, the industry specifics, the pros and cons, and the unknown future. Paul asks tech/business experts today’s biggest questions, from “How do you go from disrupted to disruptor?” to “How does this matter to humanity?” Subscribe to gain foresight into what’s coming and insight on how to navigate it.
About This Week’s Guest:
Cynthia is the Director of Security, Customer Solutions Engineering at Rocket Software, a global technology leader that develops enterprise software for some of the world’s largest companies. She has over 40 years of industry experience in mainframe compliance, risk management, governance, and cybersecurity business case development.
Listen to the full episode here or check out some highlights below.
Paul Muller: Why is mainframe security such a big issue and why is it so critical to an organization's security in your opinion?
Cynthia Overby: I don't think people understand that the majority of a corporation’s data and customer data resides on the mainframe. People access data from distributed systems, from the web, from their phone, from whatever, but what they don't understand is that the data that they're accessing is residing on a mainframe and the reason they can get access to it as quickly as they do is because it is residing on a mainframe. That's the powerhouse. That's the box that gives you the reliability and the performance that is required to be able to have hundreds of thousands of people access an ATM inquiry at the same time. You just can't do it without a mainframe. Yes, the mainframes have a moat around them, but it's really not that difficult with phishing today; how easy it is to get distributed user IDs and passwords. It's really not that difficult to be able to get the information required to be able to access a mainframe story from your LinkedIn.
PM: I go back to the early days of my career when I had more exposure to the mainframe, the mainframers would often, look, I was an open systems Unix guy. The mainframers would often look at you with this sort of disparaging sneer like you guys with your little toys. We could never trust anything to these systems. They lack security, and the general perception was that the mainframe was absolutely buttoned down. But what you've pointed out, if I understand you correctly, is that it's no matter what you do at a technical control level, your human factors, once they are compromised.
CO: They're always going to get in the way, that human factor is always going to get in the way, and that's why basically most of the malware attacks, ransomware attacks, all attacks right now they're basically saying about 80% to 85% of those attacks are coming from phish across the platforms. The other thing is that people are starting to use provisioning systems that are basically sitting on the other side of the firewall and those provisioning systems, an admin gets a request to set somebody up, and when they provision them, they provision them across the board so they're not only provisioning them for their Windows-based systems and their Unix based systems, but they're also sending a request over to Rack ACF too. Understand that provisioning system is running on a Windows-based server somewhere.