And this risk is not going away . Mainframe sales are on the rise , and despite its reputation as the impenetrable fortress of the IT world , the mainframe is just as much a target for inside and outside threats as any other system . Notably , the main server of Nordea Bank fell victim to a sophisticated ransomware attack in which a hacker attempted to steal hundreds of thousands of Euros through a series of unauthorized transfers .

CIOs and CISOs need to avoid these kinds of risks , which is why it ’ s more important than ever to look for opportunities to automate mainframe security processes and procedures . Here ’ s what you ’ re up against .

A tempting target and an undermanned defense

Most CISOs understand the risk to distributed IT systems , but the mainframe tends to get overlooked or taken for granted in conversations about holistic corporate IT strategy . That ’ s scary , given how central the mainframe is to most enterprises – up to 87 % of the world ’ s credit card transactions are executed on mainframes , for example .

Even within experienced mainframe operations teams , mainframe security is restricted to things like application vulnerability scanning . Companies use tools like IBM RACF , CA ACF2 or CA Top Secret for authorization and authentication .

Application scanning is important , but it ’ s not comprehensive . If someone were to attack a mainframe app , they could only gain access to the data within that app . Due to the way mainframe operating systems are designed , hackers who break into one app are not able to gain any additional level of access to other apps or the operating system .

What happens if a hacker gains access to the actual operating system , by exploiting integrity vulnerabilities in OS-level code ? Now , the whole empire is at risk – every app , all data and even mainframe configuration and user settings can be exploited . That ’ s when a hacker can really wreak havoc , exploiting vulnerabilities to impersonate users , access protected information , escalated privileges and much more . Worse , a hacker with OS-level access can even disable event logging to completely cover their tracks – you ’ d never know what hit you .

Unfortunately , not many companies have made it a regular practice to scan for and remedy vulnerabilities on the OS layer . For a while , many mainframe professionals and vendors even denied the existence of such vulnerabilities , despite evidence . This complacency meant major vulnerabilities were left open for hackers to exploit , as they did in the Nordea Bank case .

Additionally , in my experience , many of today ’ s C-level IT executives ascended to their position through the distributed side of IT – not mainframe . That just further complicates the issue , as mainframe security might feel entirely foreign and intimidating to them .

www . intelligentcio . com INTELLIGENTCIO 45