Advancing Mainframe Security with Ethical Mainframe Hacking

Written by: David Bruce

Put on your hoodie and head for a darkened room! Oh. Wait. Sorry, that’s just the movie version.

Despite the stereotype, hackers are real, and they’re dangerous! Hacking is now their full-time job, and they are doing it well. In July, ransomware extortion had leaped to an incredible $5.2M per attack, with the largest single demand coming in April 2024 at $100 million. And we know how they are getting in: attacks using stolen or compromised credentials were up 71% year-over-year in 2023, and security configuration errors comprised 30% of web application vulnerabilities.

Since your mainframe holds all your crucial data and runs more than 75% of the world’s business transactions, it’s a big target. These systems house invaluable data (financial details, personal identification information, and proprietary business data), making them prime targets for increasingly sophisticated cybercriminals. Once driven by immediate financial gain through direct theft, these adversaries now frequently resort to ransomware, holding crucial data hostage for hefty ransoms. This evolving threat landscape underscores the critical need for robust mainframe security.

The good news is that your mainframe has a full security suite of software to protect it with a Zero Trust strategy. And even more good news: there’s still more you can do.

What is Ethical Mainframe Hacking?

Enterprises must operate on the assumption that breaches are inevitable. As Zero Trust calls for us to “assume breach,” we need a counter to the previously mentioned hacker. Not a dangerous hacker, but an ethical one to help us identify the gaps in our security strategy and find the vulnerabilities before someone else does.

This is one of the reasons that “pentesting,” or “ethical hacking,” is growing. Pentesting is a highly effective method for finding and resolving vulnerabilities before someone without your best interests at heart does.

You can always engage a service to perform this work for you or expand the role of one of your experts already on staff: someone who knows your mainframe, understands your business and processes, and is an expert on cybersecurity threats. Just be sure to choose one of those.

No-Cost Ethical Mainframe Hacking Course

Recognizing this need, Broadcom has stepped up to bridge the knowledge gap by offering a no-cost, instructor-led course on ethical mainframe hacking for customers. Designed by mainframers, for mainframers, this course offers practical experience including lectures, instructor-led demonstrations, and hands-on labs.

To enroll in this course or to learn more, check out the “Ethical Mainframe Hacking: How to Play Offense with Mainframe Security” blog.

Broadcom Mainframe Software Division empowers enterprises to amplify the value of their mainframe investments in ways that drive their business forward. Our market-leading DevOps, AIOps, Cybersecurity and Compliance, Data Management, and Foundational & Open Software solutions enable clients to adopt common tools using industry standards and integrate mainframe as part of their hybrid cloud. Our commitment to partnership extends beyond software and features Beyond Code programs that give customers the power to achieve greater business success with the platform.
