Tried and true, the mainframe is here to stay as the backbone of our digital economy. Even as we advance to include new storage systems, all of our data exists on a mainframe somewhere. In fact, by 2030, there will be 40 trillion mobile transactions per day and the mainframe will process 75% of those transactions.
With that said, it’s no surprise that recent research reported 86% of IT and security managers agreed that mainframes are essential for scaling workloads, with 75% stating they’re critical for business continuity. At the same time, only 50% of businesses are prioritizing mainframe security, largely due to the misconception that the mainframe is inherently secure – a belief held at 62% of firms.
Despite their longstanding reliability and reputation for security, mainframes are unfortunately not impenetrable and business owners need to recognize them as such. Like any other computing platform, mainframes need to be managed with compliance and potential vulnerabilities in mind.
Tech Advancements Benefits All of Us – Including Hackers
Even as cybersecurity technology makes huge strides, unfortunately so do the resources and strategies available to hackers. This proved true last month, when Russian hackers compromised software used by hundreds of organizations, ranging from top federal agencies – including the State Department, the Department of Homeland Security and parts of the Pentagon – to nuclear labs, to Fortune 500 companies.
A private cybersecurity firm alerted American intelligence that many layers of defences had been breached in an attack so sophisticated it even stunned experts who have followed Russian cyberattacks for decades. It’s unclear what the first exploit was exactly, but – some 18,000 private and government users downloaded tainted software updates that unleashed hackers into victims’ systems. As a result, these hackers stole tons of sensitive data, most of which isn’t even accounted for yet.
Massive violating hacks like this one, remind us that as the perimeter continues to break down, likely due to the increase in remote employees related to the COVID-19 pandemic, it’s more important than ever to ensure your organization is protected at the data level. As long as humans are writing and maintaining software,technology will suffer from even the most minor of errors that can be exploited.
Even the strongest user authentication and authorization security controls cannot always block breaches, whether they’re due to a lack of monitoring, excessive access privileges, or ransomware. In fact, the first half of 2020 saw an approximate 35% increase in total attack volume compared to the second half of 2019. This could be due in part to the increase in remote employees related to the COVID-19 pandemic, dismantling the perimeter that so many organizations relied on to verify access.
Without the proper cybersecurity strategy that both safeguard technology and raise employee awareness and caution, organizations increase their exposure to threats, are more likely to allow unauthorized access to critical data, and lack control of who has data access in the first place. To avoid these consequences, IT and security leaders can invest in a Zero Trust Architecture (ZTA)to increase internal prioritization of mainframe security and mitigate threats to their business.
Zero Trust Architecture puts mainframe security on the forefront. Focused on addressing lateral threat movement within the network, ZTA leverages micro-segmentation and granular enforcement, based on user context, data access controls, location, app and the device posture. This academic approach works to address and solve the pressing problems head-on and in the end raise overall mainframe awareness. As a result, 67% of IT managers expect a ZTA will reduce their organizations’ overall risk.
NIST Writes Zero Trust Playbook
In August of this year the National Institute of Standards and Technology (NIST) released a concise set of Zero Trust definitions and guidelines. Together, several key takeaways from this document form a baseline roadmap for configuring an enterprise’s Zero Trust Architecture.
- New focus: ZTA needs to encompass everything surrounding the mainframe, from inside and out. It’s an evolving set of cybersecurity paradigms that refocuses defenses on users, assets, and resources. With that in mind, no implicit trust can be granted to user accounts based on location or ownership and there must be a focus on protecting resources, not network segments.
- Migration: Organizations must reach a baseline of competence before deploying Zero Trust in any significant environment. This means having, assets, subjects, business processes, traffic flows and dependency mappings identified and catalogued for the enterprise, then developing a list a list of potential business processes and the people and assets involved in this process.
- Logical Components: Work together to feed your policy engine. Components particularly important to mainframe security include your industry compliance system, threat intelligence feed(s), data access policies, and ID management system.
- Policy Components: Make go/no-go decisions based on information from the logical components, which is why accurate and timely information from the logical components is so imperative. It’s also why enterprises need a baseline of competence before deployment. Good data in, correct access given. Bad data in, possible exploit.
- Cybersecurity Framework: ZTA is not a single framework or a rejection of existing cybersecurity policies. It’s an evolution of current cybersecurity strategies in which organizations need to be able to:
- Identify resources via asset management, business environment, governance, risk assessment, risk management
- Protect assets via access control, awareness &training, data security, info protection process &procedures, maintenance, and protective technology
If the playbook is followed, the Zero Trust Framework will have a lasting positive impact on organizations’ mainframe security, and therefore, business prosperity. By improving access visibility and control, creating a more efficient data management process and stronger data ownership, and scanning software for vulnerabilities, enterprises can expect to benefit from a more secure mainframe. In fact, 60% of organizations expected their ability to detect breaches to improve once their ZTA was successfully implemented.
Breaches can be devastating to businesses, potentially sacrificing millions of dollars and customer relationships. Working to safeguard the mainframe and implementing processes that shed light on the mission-critical technology it is, protects data in the present and will power businesses into the future.
Cynthia Overby is the President and Co-Founder of Key Resources, Inc., (KRI). An expert in mainframe compliance, risk management, governance, and cybersecurity business case development, she has served in leadership roles across a variety of industries for the past 30+ years. In her current role, Overby identifies and shapes KRI's strategic plan, leads the company's product vision together with KRI's CTO and provides product strategy and direction. She was recently elected to the SHARE board of directors for a 2 year term and was awarded a position on The Software Report's "Women Leaders in Cybersecurity" in 2020.
Find me on LinkedIn