NewsSecurity, complacency and the age of automation


    Security, complacency and the age of automation

    5th November 2019: In 2019, more than 70% of RSM Partners' work will be related to mainframe security in some shape or form. My previous blog discussed key trends and issues arising from the 2019 BMC Mainframe Survey. It's clear that while the mainframe continues to grow in power and popularity, for some organizations at least, pressing Security matters remain unaddressed.

  • Despite the high levels of confidence in the mainframe reported by the survey, security is still a big issue.

    A quick recap of the report. 59% of executives now recognize the mainframe as a "platform for growth" and, overall, more than half of respondents believed the mainframe will support growth in new workloads. As for priorities, the number one for execs was Cost Reduction 61% followed very closely by Compliance/Security 60%. For techies, Cost Reduction was very clearly their top priority, ahead of Compliance/Security by 14%.

    However, execs also rated Security as their major 'Concern' for the platform while simultaneously seeing the mainframe as a driver for growth. Techies, on the other hand, cited security as a 'Strength'. There's clearly a difference of opinion. But as I reported in a recent blog, there does seem to be a degree of complacency when it comes to mainframe security. I wrote that some areas of IT including mainframe operations are "in self-denial about data protection and the state of their security. This isn't the case for all, certainly, but it still adds up to a major problem." My point was supported by research by Forrester Consulting.

    Back to the BMC survey, which went on to state that Security will be a key element of "the next wave of mainframe success" and in particular that "maintaining customer trust that their critical data is secure is key for organizations." 92% of respondents to the survey reported being audited at least every two years. 77% have been subject to a finding or potential breach.

    Now, while the report does indicate that some organizations are making moves to secure their platform, there's still a great deal more to be done.

    For example: more than two-thirds of respondents are not using external services for pen testing. That did surprise me a little, as my team and I spend an awful lot of our time doing precisely that for RSM clients around the world. 58% of respondents are not carrying out privileged user monitoring. And almost three-quarters of organizations surveyed 74% are not using dedicated Security Information and Event Management SIEM.

    At the same time, the report commented that "Mainframe environments are handling increases in data volume, the number of databases, and transaction volume." We are moving towards full enterprise integration. Yet basic security measures aren't, in so many cases, being implemented. Why? Particularly when you consider both the confidence that execs now have in the platform together with their increased awareness and focus on cyber security. Should those execs be worried?

    The point is, the ways and means to ramp up your security posture are, as I've written many times before, already out there. Calling on external experts is the norm, particularly in the current age of skills shortages. Yes, we're working to develop and deliver the next generation of mainframe practitioners, but they've not arrived yet. Regardless, we have to crack on with improving our mainframe security stance, or at least getting solid answers to the question: are we actually as secure as we think we are?

    Which links to another important point raised in the BMC report: using automation and artificial intelligence AI-particularly when we face headcount deficits in teams-to deliver the security we need, as well as the performance, reliability and availability that users demand. We can expect to see a lot more of this, as automation and AI increasingly permeate all layers of business and society. In this case, it can mean monitoring, recording and using advanced security algorithms to apply intelligent analysis to, for example, detect suspicious events that pose a threat to an organization's security situation, and being able to take action before they have a serious impact.

    By the way, is it just me, or is a new Terminator film released around the same time as AI is under discussion again?

    More than two years ago, an IBM blog maintained that "Automated real-time analytics are no longer a luxury. They are a necessity. On the mainframe platform, you should analyze, prioritize and remediate threats... and create real-time alerts." And to do it at an enterprise scale. That's clearly not happening-yet-which should be of concern. Especially as expert mainframe practitioners are carefully shaped and crafted over time, and simply cannot be manufactured en masse. The outlook for our platform is extremely positive, which is great news-but there's clearly still a hill to climb when it comes to security.

    An international speaker in mainframe security and technology, and a passionate advocate of all things Z, Mark Wilson heads RSM Partners' Technical and Security teams.

    For more information email: info@rsmpartners.com