is complacency around mainframe security a disaster waiting to happen?
TRANSCRIPT
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Jeff Cherrington
Mainframe
CA Technologies
Sr. Director, Product
Session #: MFT58S
Julie-Ann Williams
millennia…
Managing Director
Steve Hosie
Cyber Security Services
Founder
Steve Garrett
Wells Fargo Bank
VP, Mainframe Security Technical Services
2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
© 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.
The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type
of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
For Informational Purposes Only
Terms of this Presentation
3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Abstract
Cyber-attacks damage an organization far beyond the breached
data. The ripple effect is felt on your relations with customers,
investors and employees. This security panel will discuss how
being compliant doesn’t mean you are secure and how
complacency around mainframe security will come back to bite
you! Most IT security departments today struggle to meet
organizational demands, especially with limited resources and
budgets. Yet in todays' interconnected datacenter, we have to ask -
is your team unaware of both malicious and accidental attack
vectors now targeting mainframe data? Gain some insight from
our experts; and come prepared to ask your own questions too!
Jeff CherringtonCA Technologies
Julie-Ann Williams millennia…
Steve Garrett Wells Fargo
Steve HosieCyberSecurity.Services
4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
We have seen multiple Mainframe specific breaches (CSC, Logica, others?) - yet we continually hear that the mainframe has not been breached and that it is the most secure platform available. Please respond…
5 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
From the perspective of compliance, should the mainframe be considered out of scope?
In other words, should CIO’s and CISO’s be worried about the mainframe?
6 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
What do you see as the greatest threat to the Security of the Mainframe in the future to be:
7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
- The “grey backs” retiring and being replaced by millennials?
- The proliferation of Web Based applications accessing mainframe data?
- Apathy, caused by the belief that the mainframe is inherently secure
- The move towards more open system interfaces
- Or something else or some combination of the above?
8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
In an 2013 article in Dark Reading, Adrian Lane (a Security Strategist), said the following:
“The persons responsible for mainframe database security, don't have a lot to worry about. And if you were worried about these attacks, you can disable FTP to thwart malicious code uploads. Or, firewall off the mainframe from Web access, as seems common. Beyond that most of the flaws must be addressed by IBM through code changes.”
9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Summary
A Few Words to Review
Key Topics
Don’t let complacency and apathy around the mainframe put you in a vulnerable position.
Findings
The mainframe is interconnected and contains mission critical data – don’t let a data breach ruin your business
Experiences
How are you finding and protecting your most critical data?
Q & A
For More Information
To learn more, please visit:
http://cainc.to/Nv2VOe
CA World ’15