Special Report: Marketplace Security Survey, Risky Business - 32

MAINFRAME SECURITY SURVEY

ad actors are everywhere,
lurking in the shadows
of an otherwise relatively
benign computing world.
They could be governments,
business competitors, organized
cybergangs, hacktivists, teenagers
with laptops or disgruntled
employees. And their disguises
are many, ranging from mal- and
ransomware, network sniffers,
and phishing schemes to social
engineering and seemingly
innocuous documents sitting in
file systems. They attack firewalls,
clouds, mobile devices, passwords
and even everyday complacency.
This is why 54.1 percent
of respondents to a recent
mainframe-security survey conducted by IBM Systems Magazine
said they're very concerned
about security. Another 36.3
percent indicated they're somewhat concerned, and 9.6 percent
aren't concerned at all. That last
number aside, it's clear that
organizations of all types realize
security risks are real and perhaps growing-both in numbers
and sophistication.

B

A Great Threat
But few are taking any chances.
Information Technology Co.,
based in Falls Church, Virginia,
takes security risks so seriously
that it set up a mainframe on
the web with no firewall to see
how many hits it gets, says
Stan King, the company's CTO.

Although no one has hacked into
the machine, it attracts 5,000 to
6,000 attempts a day. "A lot of
them are robot-oriented types of
security hacks, where someone's
just trying every IP address,
every port-but they're definitely
hitting us," he explains.
That should alarm the 9.6 percent who aren't concerned about
security at all. They may have
sky-high firewalls, a bevy of thirdparty security solutions in place
and strictly adhered-to policies,
but they may also be overlooking the biggest security concern
of all, according to the survey:
74 percent of respondents are
wary of both unauthorized and
authorized system-user access or
credential abuse.
"Unauthorized users tend to
have access to very sensitive
data, and this can present a great
threat to the organization," says
Trinadh Desu, senior associate
with Teaneck, New Jerseybased Cognizant Technology
Services. To help counter this, his
organization has implemented
security-related policies and
audits. The business and
technology services company also
employs encryption and restricts
workplace web and mobile usage.
Fred Shay, mainframe storage
manager, IBM, agrees with
this assessment, noting that
because the mainframe is more
secure than Wintel servers,
internal threats are often most

"Unauthorized users tend
to have access to very
sensitive data, and this
can present a great threat
to the organization."
-Trinadh Desu, senior associate, Cognizant
Technology Services

32 // SEPTEMBER/OCTOBER 2016 ibmsystemsmag.com

!
54.1%
of survey
respondents say
they are very
concerned about
security

serious. "The risk is from people
already within the circle of trust:
people misusing data they're
already authorized to access;
disgruntled, malicious or careless
employees; inappropriate access
by vendors who are trusted. This
is how security incidents happen
on the mainframe," he says. "It's
up to other business functions,
such as the human resources
department and regular audits,
to detect problems that occur
among the authorized."

A Seemingly
Endless List
That's not the only way. According to the survey, other threat
concerns include unauthorized
users (52 percent), external
hackers (50 percent), unprotected

Security Survey
Methodology
Security is a topic that's paramount to the
majority of enterprises today. The mainstream
media is rife with examples of businesses that
have suffered data breaches of one sort or
another. To ensure their companies stay out
of the headlines, IT leaders must manage a
number of security threats. With this in mind,
IBM Systems Magazine, Mainframe edition set
out to learn about readers' security concerns.
In late May and early June, the magazine
team electronically surveyed 17,700
engaged readers. Of those, 454 completed
the 24-question survey, which equates to a
2.6 percent completion rate.
To learn more about what your peers think
about security issues, read the special report.
If you have any feedback on this survey or
ideas for future topics, let us know.

Evelyn Hoover, Executive Editor
ehoover@msptechmedia.com


http://www.ibmsystemsmag.com

Special Report: Marketplace Security Survey, Risky Business

Table of Contents for the Digital Edition of Special Report: Marketplace Security Survey, Risky Business

Special Report: Marketplace Security Survey, Risky Business - 31
Special Report: Marketplace Security Survey, Risky Business - 32
Special Report: Marketplace Security Survey, Risky Business - 33
Special Report: Marketplace Security Survey, Risky Business - 34
Special Report: Marketplace Security Survey, Risky Business - 35
Special Report: Marketplace Security Survey, Risky Business - 36
Special Report: Marketplace Security Survey, Risky Business - 37
Special Report: Marketplace Security Survey, Risky Business - 38
Special Report: Marketplace Security Survey, Risky Business - 39
Special Report: Marketplace Security Survey, Risky Business - 40
Special Report: Marketplace Security Survey, Risky Business - 41
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
https://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
https://www.nxtbookmedia.com